1 Reply Latest reply on Jul 27, 2007 2:54 PM by Mike Kohout

    Having problems setting up custom login module.

    Mike Kohout Newbie

      My employer uses secure cookies as part of an enterprise home grown single sign on solution, and this forced me(for the first time) to write my own module, callback, and callback handler as part of a JBoss Seam EAR.

      I believe my code is good but I'm having trouble setting up my module in JBoss 4.2. Right now, I can set breakpoints in my code and JBoss is going through my callback and my callback hander...but it never actually calls the LoginModule itself.

      If my goal is to keep all the configuration inside the ear, what files do I need to touch and how? How am I messing it up?

      thus far(and to no effect) I've altered my web.xml to include this:

      <application-policy name = "X500">
      
       <authentication>
       <login-module code = "edu.umn.ictr.mentor.action.X500LoginModule"
       flag = "required" />
       </authentication>
       </application-policy>
      


      I've altered the ear's jboss-app.xml file like so:
       <module>
       <service>META-INF/jboss-service.xml</service>
       </module>
      


      and I've defined my ear's jboss-service like so:
      <?xml version="1.0" encoding="UTF-8"?>
      <server>
       <!-- The custom JAAS login configuration that installs
       a Configuration capable of dynamically updating the
       config settings
       -->
       <mbean code="org.jboss.security.auth.login.DynamicLoginConfig"
       name="jboss.security.tests:service=LoginConfig">
       <attribute name="PolicyConfig" serialDataType="jbxb">
       <jaas:policy
       xsi:schemaLocation="urn:jboss:security-config:4.1 resource:security-config_4_1.xsd"
       xmlns:jaas="urn:jboss:security-config:4.1"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       >
       <jaas:application-policy name="X500">
       <jaas:authentication>
       <jaas:login-module code="edu.umn.ictr.mentor.action.X500LoginModule"
       flag="required">
       </jaas:login-module>
       </jaas:authentication>
       </jaas:application-policy>
       </jaas:policy>
       </attribute>
       <depends optional-attribute-name="LoginConfigService">
       jboss.security:service=XMLLoginConfig
       </depends>
       <depends optional-attribute-name="SecurityManagerService">
       jboss.security:service=JaasSecurityManager
       </depends>
       </mbean>
      </server>
      



      This bonehead would appreciate any suggestions.