9 Replies Latest reply on Nov 26, 2004 12:13 PM by drpizza

    Custom LoginModule is rejected by jboss

    zsoltvincze Newbie

      I've written a custom LoginModule that extends javax.security.auth.spi.LoginModule.

      Now, I'm testing this by using it to authenticate the jms-console.

      I changed the relevant secion in login-config.xml so that my login module would be used.

      In the loginmodule's commit method I add a new Principal to the subject which is named as "JBossAdmin".

      When I access the console, my login module logs that the user is verified and that the JBossAdmin principal was added to the subject.

      So to me everything is as I think it should be but jboss still rejects the request with a
      "Access to the requested resource has been denied"
      message after I enter my credentials.

      Could somebody help to determine where the problem is?


      login-config.xml

      <application-policy name = "jmx-console">

      <login-module code="test.sec.TestLoginModule"
      flag = "required">
      </login-module>

      </application-policy>