[jboss-dev-forums] [Design of Security on JBoss] - Form based authentication in JBoss container
jdsignature
do-not-reply at jboss.com
Fri Oct 12 18:43:06 EDT 2007
I am thinking to create a plugable authentication/athorization module which will interact with the third party web services. I did some research on this topic, here are my findings:
1. Collect the userid/password/other security data from the login form;
2. Pass the above data to the customized CallbackHandler;
3. Initialize the LoginContext("configration on the loginmodule", the customized callback handler);
My questions are:
Can the JBoss container initialize the LoginContext automatically via login-config files?
Do I need to create two plugable customized modules: one for Authentication, one for authorization?
Can you provide any sample configurations on the J2EE decalarative and JACC compliance related confgurations, thanks in advance
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4094812#4094812
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4094812
More information about the jboss-dev-forums
mailing list