[jboss-user] [Security & JAAS/JBoss] - Re: ExtendedFormAuthenticator touch-up

Monday, 5 November 2007

Just a though:

I have written more or less the same FormAuthValve you have for our apps ( since we
don't use your SecurityAssociation object, we have our own Principal class).

I use too a threadlocal var to hold my loginexception in order to overcome the JAAS
limitation, but in my implementation, I just put the populateSession() method in the
forwardToErrorPage(), and not in :authenticate() and forwardtoLoginPage(). Doing so the
use of notes to avoid doing the work several times is not required any more.

- antonio

View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4101687#...

Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

[jboss-user] [Security & JAAS/JBoss] - Re: ExtendedFormAuthenticator touch-up