[jboss-user] [JBoss Portal] - Re: Problem with Custom Auth Module

jsports do-not-reply at jboss.com
Wed Sep 10 23:09:22 EDT 2008 

It's very easy to do.
There are 2 steps.
1.Cas Authentication
You can write a public class CASAuthenticationService implements org.jboss.portal.identity.sso.AuthenticationService
,
then define it as a MBean in jboss-portal.sar/meta-inf/jboss-service.xml,
the MBean should like this:

  |    <mbean code="org.jboss.portal.identity.sso.cas.CASAuthenticationService"
  |          name="portal:service=Module,type=CASAuthenticationService"
  |          xmbean-dd=""
  |          xmbean-code="org.jboss.portal.jems.as.system.JBossServiceModelMBean">
  |    <xmbean/>
  |       <depends>portal:service=Module,type=IdentityServiceController</depends>
  |       <attribute name="HavingRole"></attribute>
  |    </mbean>
  | 
you can decalre the resource you need as attribute,and remove the resource you does not use.
you can change the class name,but should not chanage 
 name="portal:service=Module,type=CASAuthenticationService".

2.jboss portal loginmodule
define a loginmodule what you like,extends from the several calss I mentioned before,override validatePassword method like the below:

  | 	protected boolean validatePassword(String inputPassword,
  | 			String expectedPassword) {
  | 		// logger.info("inputPassword=="+inputPassword);
  | 		// logger.info("expectedPassword=="+expectedPassword);
  | 		HttpServletRequest request = null;
  | 		try {
  | 			request = (HttpServletRequest) PolicyContext
  | 					.getContext("javax.servlet.http.HttpServletRequest");
  | 		} catch (Exception e) {
  | 			log.error(this, e);
  | 			throw new RuntimeException(e);
  | 		}
  | 		if (request != null) {
  | 			Object ssoSuccess = request.getAttribute("ssoSuccess");
  | 			// logger.info("ssoSuccess=="+ssoSuccess);
  | 			if (ssoSuccess != null) {
  | 				return true;
  | 			}
  | 		}
  | 		return super.validatePassword(inputPassword, expectedPassword);
  | 	}
  | 

then change the loginmodule declaration in jboss-portal.sar\conf\login-config.xml as your class.



View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4175744#4175744

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4175744

More information about the jboss-user mailing list