[jboss-user] [Security & JAAS/JBoss] - Re: Integration of Custom Client and Server Login Modules

kearns do-not-reply at jboss.com
Mon Jul 17 11:50:00 EDT 2006


In the commit() of the client login module I add to the subject:


where  tempCredentials contains the property name-value pairs:

                c.setProperty("nhs number", nhsNum);
                c.setProperty("customer id", custId);

The passive callback handlers PassiveCallbackHandler has constructor that takes a username and password so its handle() method does not have to prompt the user for input. This information is supplied by a JUnit test or by a jsp which gets the information from a HTML form. There is no peripheral security restrictions.

It is the custId that needs to be visible to the custom server login module.

At this time the application is deployed on my desktop running a default JBoss server.

Hope this helps. Cheers

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3958514#3958514

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3958514

More information about the jboss-user mailing list