[jboss-user] [Security & JAAS/JBoss] - Re: JAAS problem with LoginModule

Thursday, 5 February 2009

Hi,

please provide full code of your login module (e.g. the base class).

I built a custom login module once, and it looked like this:
 public class MyLoginModule extends UsernamePasswordLoginModule
  | {
  | 
  |   public void initialize(Subject subject, CallbackHandler callbackHandler,
  |      Map sharedState, Map options)
  |   {
  |     super.initialize(subject, callbackHandler, sharedState, options);
  |     
  |     ...initialize module according to config from "options"....
  | 
  |   }
  | 
  |   /**Get roles of current user
  |    * @return An Array of user roles roles 
  |    */
  |   protected Group[] getRoleSets() throws LoginException
  |   {
  |       Group[] groups = { new SimpleGroup("Roles") };
  | 
  |       String user = super.getUsername();
  | 
  |       //Get roles for user:
  |       SimplePrincipal role = new SimplePrincipal("role_of_user");
  |       groups[0].addMember(role);
  |       return groups;
  |   }
  | 
  |   /**Get password of current user
  |    * @return Password of user
  |    * @throws LoginException If user was not found
  |    */
  |   protected String getUsersPassword() throws LoginException
  |   {
  |      String user = super.getUsername();
  |      if (user.equals ("root") )
  |      {
  |         return "rootpassword";
  |      }
  |   }
  | 

I think you should not override method "login", but "getRoleSets" and
"getUsersPassword"

Hope this helps

Wolfgang

View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4207364#...

Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

[jboss-user] [Security & JAAS/JBoss] - Re: JAAS problem with LoginModule