2 Replies Latest reply on Jul 8, 2003 9:34 AM by anjboss

    Custom LoginModule howto ?

    anjboss Newbie

      I am needing to implement a Custom LoginModule with JBoss. I have it working with JAAS yet am unsure of the implementation with JBoss. In basic terms I have a class
      DBLoginModule implements LoginModule
      public void initialize(Subject subject,CallbackHandler callback,Map shared_state,Map options)

      public boolean login()

      public boolean commit()

      public boolean abort()

      public boolean logout()

      and I package this into a jar and pop it into $JBOSS_HOME/server/default/lib
      I have also tried putting it in $JBOSS_HOME/client

      I have edited client/auth.conf to include this login module.

      In the $JBOSS_HOME/server/default/conf/login-config.xml I have adjusted my module (from the provided DatabaseServerLoginModule) to use instead my custom module.

      When I run my web-app and I go to a page that needs authentication, it goes through the FORM based authentication, but then Jetty comes back with

      org.jboss.jetty.security.JBossUserRealm#null] authentication failure: my_login

      i.e it never goes into my LoginModule (because I have diagnostic logging that never appears).

      Questions :
      a). is it possible to use a plain JAAS LoginModule like mine in JBoss, or do I have to extend the provided JBoss modules ?
      b). if it is possible, what am I doing wrong here ? Do i need to put jaas.policy/config files somewhere ?


        • 1. Re: Custom LoginModule howto ?
          Adrian Brock Master

          client/auth.conf is not used.

          When you say you changed the default (there is no default)
          what did you change?
          Do you have the security-domain configured in jboss-web.xml?

          Post your deployment descriptors and login-config.xml


          • 2. Re: Custom LoginModule howto ?
            anjboss Newbie

            OK, In my WAR i have web.xml which includes the following

            <web-resource-name>Account Page</web-resource-name>



            and jboss-web.xml which sets the security-domain like this


            and login-config.xml has an entry like this

            <application-policy name="MyDBRealm">

            <login-module code="mydomain.DBLoginModule" flag="re
            <module-option name="dsJndiName">java:/DefaultDS</module-option>


            If I use "org.jboss.security.auth.spi.DatabaseServerLoginModule" above instead of "mydomain.DBLoginModule" it works fine and goes through the authentication process. Any ideas?