I am thinking to create a plugable authentication/athorization module which will interact with the third party web services. I did some research on this topic, here are my findings:
1. Collect the userid/password/other security data from the login form; 2. Pass the above data to the customized CallbackHandler; 3. Initialize the LoginContext("configration on the loginmodule", the customized callback handler);
My questions are:
Can the JBoss container initialize the LoginContext automatically via login-config files?
Do I need to create two plugable customized modules: one for Authentication, one for authorization?
Can you provide any sample configurations on the J2EE decalarative and JACC compliance related confgurations, thanks in advance