[jboss-user] [Security & JAAS/JBoss] - Unable to get the authentication details in CustomLoginModul

mechatronics12 do-not-reply at jboss.com
Thu Aug 7 02:01:46 EDT 2008


I am using webauthentication and custom login module for login purpose.

How to get the login details used in webAuthentication.login(username,password) in JBoss custom login module....

I am extending my customlogin module from UsernamePasswordLoginModule class, when I use the getUserName() method in super class I am getting username as null.

I tried by extending my customloginmodule class from AbstractServerLoginModule and tried to get the username from sharedstate object, But i am getting SharedState object as null.

Please suggest me how to get the username and password in Jboss CustomLoginModule

My client is like the folowing

boolean stat=webAuthentication.login(agencyLoginForm.getUserId(), agencyLoginForm.getPassword());
System.out.println("after login+stat"+stat);

My CustomLoginModule class will be like the one

public class TPLoginModule extends UsernamePasswordLoginModule{
	private Subject subject;
	private CallbackHandler handler;
    private Map sharedState;
    private Map options;
    private boolean loginOk = false;  
    private String username;
    private String[] roles = {"admin","agent","vendor"};
    private String password;
    SimplePrincipal principal;
    private AgencyLoginDelegate agencyLoginDelegate=new AgencyLoginDelegate();
    SessionInfo sessionInfo;
	public void initialize(Subject subject, CallbackHandler handler, Map sharedState, Map options) {
		//super.initialize(subject, handler, sharedState, options);
		System.out.println("Initialize of New TPLoginModule");
		this.subject = subject;
		this.handler = handler;
		this.sharedState = sharedState;
		this.options = options;
	public boolean login()  throws LoginException {
		  System.out.println("login method of New TPLoginModule");
			  	HttpServletRequest req=(HttpServletRequest)PolicyContext.getContext("javax.servlet.http.HttpServletRequest");
			  	//Subject caller = (Subject) PolicyContext.getContext("javax.security.auth.Subject.container");
			  	//System.out.println("caller "+caller);
			  	//System.out.println("caller.getPrincipals() "+caller.getPrincipals());
	            System.out.println("Inside daaaaaaaaaaa"+subject);
	            System.out.println("options "+options);
	            System.out.println("super.getUsername() "+super.getUsername());
            	sessionInfo 				= (SessionInfo)req.getSession().getAttribute("sessionInfo");
	            	principal=new SimplePrincipal(username);
	        catch (Exception e ){
	        	return false;
	 public boolean commit() throws LoginException    {
		    System.out.println("commit of New TP");
	        if ( ! loginOk ) {
	        	System.out.println("invalid logon Returing false from commit");
	        	return false;
            RDSGroup group = new RDSGroup("Roles");
            for(int r = 0; r < roles.length; r ++) {
                SimplePrincipal role = new SimplePrincipal(roles[r]);
            System.out.println("group added");
	        return true;
	    public boolean abort() throws LoginException {
	    	return true;
	    public boolean logout() throws LoginException {
	    	return true;
		protected Group[] getRoleSets() throws LoginException {
            Group[] groups = {new RDSGroup("Roles")};
            for(int r = 0; r < roles.length; r ++) {
                SimplePrincipal role = new SimplePrincipal(roles[r]);
                log.info("Found role="+roles[r]);
            return groups;
		protected Principal getIdentity() {
		  return principal;
		protected String getUsersPassword() throws LoginException {
			/*try {
				InitialContext ctx = new InitialContext();
				String userPath = userPathPrefix + '/' + super.getUsername();
				log.info("Getting password for user="+super.getUsername());
				String passwd = (String) ctx.lookup(userPath);
				log.info("Found password="+passwd);
				return passwd;
				} catch(NamingException e) {
				log.error("Failed to obtain password foruser="+super.getUsername(), e);
				throw new LoginException(e.toString(true));
				*/return null;

I have password-stacking entry in my login-config.xml as useFirstPass

Please help me

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4169187#4169187

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4169187

More information about the jboss-user mailing list