[jboss-jira] [JBoss JIRA] Closed: (JBAS-47) Support for jaas CredentialExpiredException and AccountExpiredException

Dimitris Andreadis (JIRA) jira-events at jboss.com
Wed Jan 10 03:14:32 EST 2007 

     [ http://jira.jboss.com/jira/browse/JBAS-47?page=all ]

Dimitris Andreadis closed JBAS-47.
----------------------------------


> Support for jaas CredentialExpiredException and AccountExpiredException
> -----------------------------------------------------------------------
>
>                 Key: JBAS-47
>                 URL: http://jira.jboss.com/jira/browse/JBAS-47
>             Project: JBoss Application Server
>          Issue Type: Feature Request
>      Security Level: Public(Everyone can see) 
>          Components: Security, EJB2
>    Affects Versions: JBossAS-4.0.0 Final, JBossAS-3.2.6 Final, JBossAS-3.2.5 Final
>         Environment: All
>            Reporter: Sergio Berna
>         Assigned To: Scott M Stark
>             Fix For: JBossAS-4.0.1 Final, JBossAS-3.2.7 Final
>
>   Original Estimate: 1 day
>  Remaining Estimate: 1 day
>
> When using a standalone EJB client and JAAS ClientLoginModule correctly authenticates user. But in case a CredentialsExpiredException or AccountExpiredException happens the exception that the standalone client receives is just SecurityException with no other information provided and no way to retrieve the exact cause from the client side.
> Inside the server it is possible to use
> org.jboss.security.SecurityAssociation and its corresponding key org.jboss.security.exception but this is not propagated to the client through the ClientLoginModule making it absolutely impossible for the client application, for example, to start a Credential change.
> I need a way to notify a standalone client of the corresponding javax.security.auth.login.LoginException
>  that happens inside the JAAS LoginModule.
> In JDK 1.4 it would be possible to use the public Throwable initCause(Throwable cause) from SecurityException, but not in 1.3 or 1.2.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the jboss-jira mailing list