[jboss-user] [Security & JAAS/JBoss] - Re: Jboss SSO Web Application

Sat, 04 Nov 2006 07:09:33 -0800 

Alright....Hook this in as LoginProvider

package org.jboss.security.idm.ldap;

import java.security.Principal;
import java.util.Collection;
import java.util.Properties;

import org.jboss.security.idm.Identity;
import org.jboss.security.idm.IdentityException;
import org.jboss.security.idm.LoginProvider;

public class DummyLoginProvider implements LoginProvider {
    private String id = null;

    public DummyLoginProvider(String id,Properties properties) 
    {
        super();
        this.id = id;
    }

    public String getId() throws IdentityException 
    {
        System.out.println("ID="+this.id);
        return this.id;
    }

    public Identity read(Principal principal) throws IdentityException 
    {
        return this.read(principal.getName());
    }

    public Identity read(String username) throws IdentityException 
    {
        Identity identity = new Identity();
        identity.setUserName("nick10");
        identity.setPassword("nick10".getBytes());
        return identity;
    }

    public boolean exists(Principal principal) throws IdentityException 
    {
        return this.exists(principal.getName());
    }

    public boolean exists(String username) throws IdentityException 
    {
        return true;
    }

    public boolean login(Principal principal, byte[] password)
            throws IdentityException 
    {
        return true;
    }

    public boolean login(String username, byte[] password) throws 
IdentityException 
    {
        return false;
    }

    public Collection readAllRoles() throws IdentityException 
    {
        return new java.util.ArrayList();
    }
}

This should make SSO login over to nick2/test.jsp....I see proper Principal in 
the Console log.


Basically: JAAS Module and LoginProvider must both pull same username and 
password data....Hence, I treat JAAS Module as a Façade for tomcat 
authentication but use LoginProvider to pull all info in the JAAS module 
implementation.



Since JAAS is pretty intense to configure, I am probably going to add support 
for non-JAAS logins in the SSO framework soon.

Thanks for all your feedback

Sohil


View the original post : 
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3983220#3983220

Reply to the post : 
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3983220

_______________________________________________
jboss-user mailing list
[email protected]
https://lists.jboss.org/mailman/listinfo/jboss-user

Reply via email to