<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
<body link="#355491" alink="#4262a1" vlink="#355491" style="background: #e2e2e2; margin: 0; padding: 20px;">
<div>
<table cellpadding="0" bgcolor="#FFFFFF" border="0" cellspacing="0" style="border: 1px solid #dadada; margin-bottom: 30px; width: 100%; -moz-border-radius: 6px; -webkit-border-radius: 6px;">
<tbody>
<tr>
<td>
<table border="0" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF" style="border: solid 2px #ccc; background: #dadada; width: 100%; -moz-border-radius: 6px; -webkit-border-radius: 6px;">
<tbody>
<tr>
<td bgcolor="#000000" valign="middle" height="58px" style="border-bottom: 1px solid #ccc; padding: 20px; -moz-border-radius-topleft: 3px; -moz-border-radius-topright: 3px; -webkit-border-top-right-radius: 5px; -webkit-border-top-left-radius: 5px;">
<h1 style="color: #333333; font: bold 22px Arial, Helvetica, sans-serif; margin: 0; display: block !important;">
<!-- To have a header image/logo replace the name below with your img tag -->
<!-- Email clients will render the images when the message is read so any image -->
<!-- must be made available on a public server, so that all recipients can load the image. -->
<a href="http://community.jboss.org/index.jspa" style="text-decoration: none; color: #E1E1E1">JBoss Community</a></h1>
</td>
</tr>
<tr>
<td bgcolor="#FFFFFF" style="font: normal 12px Arial, Helvetica, sans-serif; color:#333333; padding: 20px; -moz-border-radius-bottomleft: 4px; -moz-border-radius-bottomright: 4px; -webkit-border-bottom-right-radius: 5px; -webkit-border-bottom-left-radius: 5px;"><h3 style="margin: 10px 0 5px; font-size: 17px; font-weight: normal;">
Evading Authentication
</h3>
<span style="margin-bottom: 10px;">
created by <a href="http://community.jboss.org/people/satish.kinikiri">Satish Kinikiri</a> in <i>Beginner's Corner</i> - <a href="http://community.jboss.org/message/645578#645578">View the full discussion</a>
</span>
<hr style="margin: 20px 0; border: none; background-color: #dadada; height: 1px;">
<div class="jive-rendered-content"><p>Hi</p><p style="min-height: 8pt; height: 8pt; padding: 0px;"> </p><p>I am trying to introduce single-sign-on (SSO) for our application.</p><p>Currently our application has a custom login module. I want to retain it the same authenication process when user is logging in directly with username/password (through non-SSO).</p><p style="min-height: 8pt; height: 8pt; padding: 0px;"> </p><p>And want to add authenication system to when the user tried to login into my app using application through some API.</p><p>(Through SSO user name is availalble but not password I will make use of the username to create roles)</p><p>Current authenication process :</p><p style="min-height: 8pt; height: 8pt; padding: 0px;"> </p><p>LoginClient loginClient = new LoginClient(loginName, loginPassword, true /* server login */);</p><p>AppIQUserData user = loginClient.login();</p><p>......</p><p>......</p><p style="min-height: 8pt; height: 8pt; padding: 0px;"> </p><p>and Login client is</p><p style="min-height: 8pt; height: 8pt; padding: 0px;"> </p><p>public LoginClient(String username, String password, boolean serverLogin)</p><p>        throws LoginException</p><p>    {</p><p>        this(new UsernamePasswordHandler(username, password), serverLogin);</p><p>    }</p><p style="min-height: 8pt; height: 8pt; padding: 0px;"> </p><p> public LoginClient (CallbackHandler handler, boolean serverLogin) throws LoginException</p><p>    {</p><p>        this(handler, serverLogin ? SecurityConstants.SECURITY_DOMAIN : SecurityConstants.CLIENT_DOMAIN, serverLogin);</p><p>    }</p><p style="min-height: 8pt; height: 8pt; padding: 0px;"> </p><p style="min-height: 8pt; height: 8pt; padding: 0px;"> </p><p>    public LoginClient (CallbackHandler handler, String securityDomain, boolean serverLogin) throws LoginException</p><p>    {</p><p>        log.trace2("login security domain: " + securityDomain);</p><p>        this.serverLogin = serverLogin;</p><p>        context = new LoginContext(securityDomain, handler);</p><p>    }</p><p style="min-height: 8pt; height: 8pt; padding: 0px;"> </p><p> /**</p><p>     * Perform a login to the AppIQ system.</p><p>     * @return The AppIQUserData that has been authenticated</p><p>     * @throws LoginException if the login fails</p><p>     */</p><p>    public synchronized AppIQUserData login() throws LoginException</p><p>    {</p><p>        log.trace2("login - " + (serverLogin ? "SERVER" : "CLIENT"));</p><p>        </p><p>        context.login();</p><p style="min-height: 8pt; height: 8pt; padding: 0px;"> </p><p style="min-height: 8pt; height: 8pt; padding: 0px;"> </p><p>        if (!serverLogin)</p><p>            return null;</p><p>        </p><p>        Subject subject = context.getSubject();</p><p>        if (subject == null)</p><p>            throw new LoginException(LocalizationUtilities.localize("Exceptions", "LoginFailedNoSubject"));</p><p>        log.trace2("login SERVER returns subject: " + subject.toString());</p><p style="min-height: 8pt; height: 8pt; padding: 0px;"> </p><p style="min-height: 8pt; height: 8pt; padding: 0px;"> </p><p>        AppIQUserData user = SecurityMethods.getCallerPrincipal(subject);</p><p>        if (user == null)</p><p>            throw new LoginException(LocalizationUtilities.localize("Exceptions", "UnableToExtractAppIQUserData"));</p><p style="min-height: 8pt; height: 8pt; padding: 0px;"> </p><p style="min-height: 8pt; height: 8pt; padding: 0px;"> </p><p>        /* Stash the context in a cache so that we can re-authenticate when we</p><p>                     * need to in order to force updates to login credentials when</p><p>                     * necessary. </p><p>                     */</p><p>                    SecurityMethods.add(context);</p><p style="min-height: 8pt; height: 8pt; padding: 0px;"> </p><p style="min-height: 8pt; height: 8pt; padding: 0px;"> </p><p>        return user;</p><p>            </p><p>    }</p><p style="min-height: 8pt; height: 8pt; padding: 0px;"> </p><p style="min-height: 8pt; height: 8pt; padding: 0px;"> </p><p>Any idea how we can have the option of avoiding authenication when we are using UsernamePasswordHandler.</p><p style="min-height: 8pt; height: 8pt; padding: 0px;"> </p><p style="min-height: 8pt; height: 8pt; padding: 0px;"> </p><p style="min-height: 8pt; height: 8pt; padding: 0px;"> </p><p style="min-height: 8pt; height: 8pt; padding: 0px;"> </p><p>Thanks</p><p><a class="jive-link-email-small" href="mailto:Satish.kinikiri@gmail.com" target="_blank">Satish.kinikiri@gmail.com</a></p></div>
<div style="background-color: #f4f4f4; padding: 10px; margin-top: 20px;">
<p style="margin: 0;">Reply to this message by <a href="http://community.jboss.org/message/645578#645578">going to Community</a></p>
<p style="margin: 0;">Start a new discussion in Beginner's Corner at <a href="http://community.jboss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2075">Community</a></p>
</div></td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</div>
</body>
</html>