John G [
https://community.jboss.org/people/kvcxn] created the discussion
"Authenticate credentials with LDAP for specific requests (after logging in)"
To view the discussion, visit:
https://community.jboss.org/message/779429#779429
--------------------------------------------------------------
I have a web application that I deploy using JBoss 5.2. In order for a user to use the
application, he/she must authenticate with an LDAP server (using simple authentication)
with a username and password. This is all done through setting up the login-config.xml for
JBoss and providing a <login-module> with our implementation.
The problem comes in here: After having logged in, I have a scenario that requires the
user to provide a username & password when a particular action is performed (which I
will also authenticate with the LDAP server). I want to be able to reuse the same
mechanism that I use for authenticating the user into the web application.
My form to log in to the application posts to j_security_check so in accordance with this,
I was trying to send a request to j_security_check but JBOSS returns a 404. From reading
around a bit, I've gathered j_security_check cannot be accessed by any arbitrary
request and must be in response to a challenged request to a secured resource.
So then, how can I authenticate the second set of credentials the user has provided with
the same LDAP server?
--------------------------------------------------------------
Reply to this message by going to Community
[
https://community.jboss.org/message/779429#779429]
Start a new discussion in JBoss Web Development at Community
[
https://community.jboss.org/choose-container!input.jspa?contentType=1&...]