5 Replies Latest reply on Aug 22, 2008 12:17 PM by Ragav Gomatam

    Unable to get the authentication details in CustomLoginModul

    Meiyappan Kannappa Newbie


      I am using webauthentication and custom login module for login purpose.

      How to get the login details used in webAuthentication.login(username,password) in JBoss custom login module....

      I am extending my customlogin module from UsernamePasswordLoginModule class, when I use the getUserName() method in super class I am getting username as null.

      I tried by extending my customloginmodule class from AbstractServerLoginModule and tried to get the username from sharedstate object, But i am getting SharedState object as null.

      Please suggest me how to get the username and password in Jboss CustomLoginModule

      My client is like the folowing

      boolean stat=webAuthentication.login(agencyLoginForm.getUserId(), agencyLoginForm.getPassword());
      System.out.println("after login+stat"+stat);

      My CustomLoginModule class will be like the one

      public class TPLoginModule extends UsernamePasswordLoginModule{

      private Subject subject;
      private CallbackHandler handler;
      private Map sharedState;
      private Map options;
      private boolean loginOk = false;
      private String username;
      private String[] roles = {"admin","agent","vendor"};
      private String password;
      SimplePrincipal principal;
      private AgencyLoginDelegate agencyLoginDelegate=new AgencyLoginDelegate();
      SessionInfo sessionInfo;
      public void initialize(Subject subject, CallbackHandler handler, Map sharedState, Map options) {
      //super.initialize(subject, handler, sharedState, options);
      System.out.println("Initialize of New TPLoginModule");
      this.subject = subject;
      this.handler = handler;
      this.sharedState = sharedState;
      this.options = options;
      public boolean login() throws LoginException {
      System.out.println("login method of New TPLoginModule");
      HttpServletRequest req=(HttpServletRequest)PolicyContext.getContext("javax.servlet.http.HttpServletRequest");
      //Subject caller = (Subject) PolicyContext.getContext("javax.security.auth.Subject.container");
      //System.out.println("caller "+caller);
      //System.out.println("caller.getPrincipals() "+caller.getPrincipals());
      System.out.println("Inside daaaaaaaaaaa"+subject);
      System.out.println("options "+options);
      System.out.println("super.getUsername() "+super.getUsername());
      sessionInfo = (SessionInfo)req.getSession().getAttribute("sessionInfo");

      principal=new SimplePrincipal(username);
      catch (Exception e ){
      return false;
      public boolean commit() throws LoginException {
      System.out.println("commit of New TP");
      if ( ! loginOk ) {
      System.out.println("invalid logon Returing false from commit");
      return false;
      RDSGroup group = new RDSGroup("Roles");
      for(int r = 0; r < roles.length; r ++) {
      SimplePrincipal role = new SimplePrincipal(roles[r]);
      System.out.println("group added");
      return true;

      public boolean abort() throws LoginException {
      return true;
      public boolean logout() throws LoginException {
      return true;
      protected Group[] getRoleSets() throws LoginException {
      Group[] groups = {new RDSGroup("Roles")};
      for(int r = 0; r < roles.length; r ++) {
      SimplePrincipal role = new SimplePrincipal(roles[r]);
      log.info("Found role="+roles[r]);
      return groups;
      protected Principal getIdentity() {
      return principal;
      protected String getUsersPassword() throws LoginException {
      /*try {
      InitialContext ctx = new InitialContext();
      String userPath = userPathPrefix + '/' + super.getUsername();
      log.info("Getting password for user="+super.getUsername());
      String passwd = (String) ctx.lookup(userPath);
      log.info("Found password="+passwd);
      return passwd;
      } catch(NamingException e) {
      log.error("Failed to obtain password foruser="+super.getUsername(), e);
      throw new LoginException(e.toString(true));
      */return null;


      I have password-stacking entry in my login-config.xml as useFirstPass

      Please help me