[jboss-user] [Security & JAAS/JBoss] - Using EJB in LoginModule
newbeewan
do-not-reply at jboss.com
Wed Feb 28 11:42:54 EST 2007
Hi,
I'm trying to use an EJB to verify login/password matching, but the loginmodule.abord method is called every time I'm trying to access to the remote interface...
It throws no exception, but the method login method is stopped !
Is there any conflict between EJB security and web container security ?
My LoginModule :
| public class PimLoginModule extends UsernamePasswordLoginModule {
|
| public MyLoginModule() {
|
| }
|
| @Override
| public boolean abort() throws LoginException {
| System.out.println("Abort login");
| return super.abort();
| }
|
| @Override
| public boolean logout() throws LoginException {
| System.out.println("Logout...");
|
| return super.logout();
| }
|
| @Override
| protected String getUsersPassword() throws LoginException {
| System.out.println("username : " + getUsername());
| try {
| UserHome home = UserUtil.getHome();
|
| User user = home.findUserByUserName(getUsername());
| return user.getPassword();
| } catch (Exception e) {
| e.printStackTrace();
| throw new LoginException("Impossible to authenticate user ");
| }
| }
|
| @Override
| protected Group[] getRoleSets() throws LoginException {
| ...
| ...
| }
|
| @Override
| protected boolean validatePassword(String inputPassword,
| String expectedPassword) {
| System.out.println("inputPassword : [" + inputPassword
| + "] expectedPassword : [" + expectedPassword + "]");
| return expectedPassword.equals(inputPassword);
| }
|
| }
|
Many thanks if you have any useful idea !
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4023803#4023803
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4023803
More information about the jboss-user
mailing list