[jboss-dev-forums] [PicketBox Development] - JSR-160 connectors security
David Lloyd
do-not-reply at jboss.com
Tue Apr 6 13:57:04 EDT 2010
David Lloyd [http://community.jboss.org/people/david.lloyd%40jboss.com] replied to the discussion
"JSR-160 connectors security"
To view the discussion, visit: http://community.jboss.org/message/535884#535884
--------------------------------------------------------------
Yeah you don't need a properties file, just something like this pseudocode:
class YourAuth implements JMXAuthenicator {
String configName = ...get this from jboss-beans.xml...;
LoginContext context = ...get this from configName...;
YourCallbackHandler cbh = ...has writable properties for user/pass...;
[...]
public synchronized Subject authenticate(Object creds) {
String user, pass;
user = ((String[])creds)[0]; pass = ((String[])creds)[1];
// validate user/pass (not shown)
// now put it on cbh
cbh.setUserName(user); cbh.setPassword(pass);
// authenticate:
context.login();
Subject s = context.getSubject();
s.setReadOnly();
return s;
}
}
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/535884#535884]
Start a new discussion in PicketBox Development at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2088]
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/jboss-dev-forums/attachments/20100406/cb058256/attachment.html
More information about the jboss-dev-forums
mailing list