[jboss-user] [Security & JAAS/JBoss] - Re: 'sufficient' loginmodules combined with ClientLoginModul

pieter.kuijpers@gmail.com do-not-reply at jboss.com
Mon May 19 11:06:14 EDT 2008


Thanks for the reply. However, that configuration doesn't do what I want:

In this situation:
LdapModule1 (required)=>pass
LdapModule2 (required)=>fail
ClientModule (optional)=>pass

I want the authentication process to pass. But as LdapModule2 is required, the overall result is fail.

Also, I want:
LdapModule1=>fail
LdapModule2=>fail
ClientModule=>pass
Overall=====>fail

As far as I understand, there is no configuration that could do that. The problem is the ClientModule that always passes, even though it doesn't do any real authentication. I think it would be more sensible if ClientModule always returned 'fail', then we could flag it as 'optional'.

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4151795#4151795

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4151795



More information about the jboss-user mailing list