[jboss-user] [Security] - How to make JAAS Login Failure Page more informative ?
do-not-reply at jboss.com
Mon Nov 23 14:52:18 EST 2009
My stack is as follows :
* JSF 1.2, Facelets, Richfaces 3.2.1
* JAAS - authentication and authorization
* Tomcat 6
Points to note :
1. JAAS is working. I'm able to login into the application.
2. Roles are working. CMA intercepts when I hit a secured resource.
3. Authentication mechanism in web.xml
4. What I really want is to inform the user why the login failed :
- wrong user id
- wrong password
- account locked due to too many unsuccessful attempts
How can I do this ?
The My JAAS LoginModule does not have any handle to session/request/JSF messages ?
I don't want a generic login failure page.
View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4267132#4267132
Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4267132
More information about the jboss-user