[jboss-user] [Security & JAAS/JBoss] - Re: ExtendedFormAuthenticator touch-up
aparolini88
do-not-reply at jboss.com
Mon Nov 5 04:25:08 EST 2007
Just a though:
I have written more or less the same FormAuthValve you have for our apps ( since we don't use your SecurityAssociation object, we have our own Principal class).
I use too a threadlocal var to hold my loginexception in order to overcome the JAAS limitation, but in my implementation, I just put the populateSession() method in the forwardToErrorPage(), and not in :authenticate() and forwardtoLoginPage(). Doing so the use of notes to avoid doing the work several times is not required any more.
- antonio
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4101687#4101687
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4101687
More information about the jboss-user
mailing list