Ive gotten SSO to work for jboss portal and a supporting webapp on the same
virtual host. But my login routine not only needs to authenticate the user
against jboss portals user database, but also pull some information from a
supporting database and work with it.
My problem is that I created a login method in my business layer that executes
the following code and succesfully returns true of false for my login
credentials. It however does not set the SSO cookie and I cannot figure out
why not.
Incidently I tested the security constraint and login-config with both BASIC
and FORM authentication and it works like a charm. Without changing anything
but the login forms action from j_security_check to a MyController, which
calls the method below -- it was working fine.
Any help ? Anyone.. Bueller?
Heres the code:
My Authentication Class
| public class SSOLogin {
| protected static final Log log = LogFactory.getLog(SSOLogin.class);
|
|
|
| public boolean authenticate(String userid, String password) throws
LoginException {
| log.info("SSOLogin.authenticate(String, String) was called.");
| boolean result = false;
| try {
| log.info("SSOLogin.authenticate(String, String)
creating LoginContext.");
| LoginContext loginContext = new LoginContext("myauth",
new SSOCallbackHandler(userid, password));
| log.info("SSOLogin.authenticate(String, String)
executing login.");
| loginContext.login();
| result = true;
| } catch (LoginException e) {
| // A production quality implementation would log this
message
| log.info("Exception:: " + e.getMessage());
| result = false;
| throw e;
| }
| log.info("SSOLogin.authenticate(String, String) exiting method
- Login was " + result);
| return result;
| }
| }
|
Which depends on a custom callback handler:
| public class SSOCallbackHandler implements CallbackHandler {
| protected static final Log log =
LogFactory.getLog(SSOCallbackHandler.class);
|
| private String username;
| private char[] credentials;
|
| public SSOCallbackHandler(String username, String
credentials) {
| super();
|
| this.username = username;
| this.credentials = credentials.toCharArray();
| }
|
| public void handle(Callback callbacks[])throws IOException,
UnsupportedCallbackException {
|
| for (int i = 0; i < callbacks.length; i++) {
| if (callbacks instanceof NameCallback) {
| ((NameCallback) callbacks).setName(username);
| }
| else if (callbacks instanceof PasswordCallback) {
| ((PasswordCallback)
callbacks).setPassword(credentials);
| } else {
| throw new UnsupportedCallbackException(callbacks);
| }
| }
| }
| }
|
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3986161#3986161
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3986161
_______________________________________________
jboss-user mailing list
[email protected]
https://lists.jboss.org/mailman/listinfo/jboss-user
