[jboss-user] [Security & JAAS/JBoss] - Re: JAAS Active Directory Login Obscure Serialization Error

info@connext.co.za do-not-reply at jboss.com
Wed Sep 13 09:27:38 EDT 2006


Good Day,

This is a flaw in the UsernamePasswordLoginModule that raises LoginExceptions encountered by subclasses even though the exception is a LoginException. 

Part 01
I have customised the UsernamePasswordLoginModule to look for the LoginException when validating the password and, if encountered, re-raises that exception.

Part 02
I customised the password checking in LDAPExtLoginModule to determine if the login failed because of one of the pre-defined LDAP login errors
which are raised with an AuthenticationException and then to raise a proper descendant of LoginException that indicates the problem.

The LDAP errors are 525, 52e, 530, 532, 533, 701, 773, 775. If one of these codes is in the message of the authentication exception then there was a problem authenticating the user in LDAP.

Oh, and the problem with LDAPCtx is that it is not serializable so the exception that is raised cannot be serialized to the calling code.




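The mapping described in Part 02, as an added example that is not part of the original post and is not the poster's or JBoss's code. The class and method names are hypothetical, the choice of `LoginException` subclass per code is an assumption, and the code meanings in the messages are the commonly documented Active Directory ones, which the post does not state.

```java
import java.io.ByteArrayOutputStream;
import java.io.ObjectOutputStream;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.naming.AuthenticationException;
import javax.security.auth.login.*;

public class AdLoginErrorMapper {
    // Active Directory reports the bind sub-error as "data <hex>" in the message text.
    private static final Pattern DATA = Pattern.compile("data\\s+([0-9a-fA-F]+)");

    /** Hypothetical helper: map the AD sub-error to a LoginException subclass. */
    static LoginException toLoginException(AuthenticationException e) {
        Matcher m = DATA.matcher(String.valueOf(e.getMessage()));
        String code = m.find() ? m.group(1).toLowerCase() : "";
        // Only a String goes into the new exception. The original exception is not
        // chained as the cause, so no non-serializable JNDI object travels with it.
        switch (code) {
            case "525": return new AccountNotFoundException("user not found (525)");
            case "52e": return new FailedLoginException("invalid credentials (52e)");
            case "530": return new AccountException("logon not permitted at this time (530)");
            case "532": return new CredentialExpiredException("password expired (532)");
            case "533": return new AccountException("account disabled (533)");
            case "701": return new AccountExpiredException("account expired (701)");
            case "773": return new CredentialExpiredException("password must be reset (773)");
            case "775": return new AccountLockedException("account locked (775)");
            default:    return new FailedLoginException("LDAP authentication failed");
        }
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample of an AD bind failure message, not taken from the post.
        AuthenticationException ldap = new AuthenticationException(
            "[LDAP: error code 49 - 80090308: LdapErr: DSID-0C090334, "
            + "comment: AcceptSecurityContext error, data 775, vece]");
        LoginException mapped = toLoginException(ldap);
        System.out.println(mapped.getClass().getSimpleName() + ": " + mapped.getMessage());

        // Serializing succeeds because the mapped exception holds nothing but Strings.
        ByteArrayOutputStream buf = new ByteArrayOutputStream();
        try (ObjectOutputStream out = new ObjectOutputStream(buf)) {
            out.writeObject(mapped);
        }
        System.out.println("serialized " + buf.size() + " bytes");
    }
}
```

The specific exception type is useful in server-side logs; whether remote callers should be able to tell 525 from 52e is a separate decision, since that distinction reveals which usernames exist.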