[jboss-user] [Beginners Corner] - Re: Authentication Error

lesquivel do-not-reply at jboss.com
Wed Aug 19 09:44:59 EDT 2009 

Hello Wolfgang and thanks for your reply!

Ok, here is more information thanks for your patience.

I am using JBoss 5.1.0GA - JDK6.  
I am also usuing a custom login config.  Below is the configuration:

  | 	<application-policy name="MYCOMPANY-login-module">
  |   <authentication>
  |     <login-module code="org.MYCOMPANY.security.auth.MYCOMPANYLoginModule" flag="required">
  |       <module-option name = "mode">USER</module-option>    
  |      
  |     </login-module>
  | 
  |   </authentication>
  | </application-policy>
  | 
  | 

Part of the Login Module Code:

  | 
  | public boolean login() throws LoginException
  |   {
  |     Session ses = null;
  |     try
  |     {
  |       valid = false;
  |       int code;
  |       NameCallback n = new NameCallback("User Name - ", "Guest");
  |       PasswordCallback p = new PasswordCallback("Password - ", false);
  | 
  |       callbackHandler.handle(new Callback[]{n, p});
  |       userName = n.getName().trim();
  |       password = new String(p.getPassword()).trim();
  |       code = General.getLoginID(userName, password); //validate login with username code >0 successfully authenticated
  |       if (code > 0) //if valid login ID was found for user name and password
  |       {
  |         ses = HibernateFactory.getInstance().getSession();
  |         Login login = (Login)ses.load(Login.class, Integer.toString(code));
  |         namePrincipal = new MYCOMPANYPrincipal(login);
  |         valid = true;
  |       }
  |       else if (isValidUserName(userName) && Employers.isValidTemporaryPassword(userName, password)) //if user name and password are valid
  |       {
  |         NewEmployeePrincipal nep = new NewEmployeePrincipal(userName);
  |         Login login = new Login();
  |         login.getAssociations().add(nep);
  |         login.setCurrentAssociation(nep);
  |         login.setName(userName);
  |         namePrincipal = new MYCOMPANYPrincipal(login);
  |         valid = true;
  |       }
  |       if (!valid)
  |       {
  |         logger.info("NOT A VALID login() - Invalid Username/Password combination - MYCOMPANYLoginModule.login()");
  | 
  |       }
  |       return valid;
  |     }
  |     catch(Throwable t)
  |     {
  |       t.printStackTrace();
  |       logger.error("Exception - MYCOMPANYLoginModule: " , t);
  |       SessionLog.exception(this.getClass().getName() + ".login() exception: ", t);
  |       throw new LoginException(this.getClass().getName() + ".login() exception: " + t);
  |     }
  |     finally
  |     {
  |       if (ses != null)
  |       {
  |         try
  |         {
  |           ses.close();
  |         }
  |         catch(Exception e)
  |         {
  |           SessionLog.exception(this.getClass().getName() + ".login() exception: ", e);
  |         }
  |       }
  |     }
  |   }
  | 
  | 

Everything returns as I expect on the login code. I still have more work on my part to integrate another login module that deals with roles for our authentication but what throws me off is that exception message that the security context has not been set.  

I hope this is the information you need to help.  Please let me know if there is anything else I can look at or post here.

Thanks again!


View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4250404#4250404

Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4250404

More information about the jboss-user mailing list