[jboss-user] [Security & JAAS/JBoss] - Re: Using valves to perform custom login based on http cooki
acorrea10
do-not-reply at jboss.com
Mon Oct 22 18:25:10 EDT 2007
Thanks Anil,
interesting stuff, the GenericHeaderAuthenticator.
I will give it a try as soon as I can.
However, I am in the final step of a custom solution. I have a valve that intercepts the request, call the custom login module, which in turn use the passed in cookie to retrieve the user groups and populate the java principals. I am extending the AbstractServerLoginModule.
Everything is working ok, except for the final step. Even with the java principals populated (by AbstractServerLoginModule's commit method), the J2EE login form method is being presented to the user again.
One thing to note is that when I call my protected application resource directly, the J2EE form login method is triggered, the same custom login method is executed, and everything flows without errors.
My getRoleSets method is returning a SimpleGroup "Roles" within the user's groups.
Any insights are welcome.
Andre.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4097647#4097647
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4097647
More information about the jboss-user
mailing list