[jboss-user] [Security & JAAS/JBoss] - my login method is accessed twice

Fri, 22 Dec 2006 08:16:23 -0800 

Hi,
I have the following configuration in my login-config.xml file:


  | <?xml version="1.0" encoding="UTF-8"?>
  | <!DOCTYPE policy PUBLIC
  |     "-//JBoss//DTD JBOSS Security Config 3.0//EN"
  |     "http://www.jboss.org/j2ee/dtd/security_config.dtd";>
  | <policy>
  |     <application-policy name="emp-mft">
  |             <authentication>
  |                     <login-module 
  |                             code="org.jboss.security.ClientLoginModule" 
  |                             flag="required">
  |                     </login-module>
  |                     
  |                     <login-module
  |                             code="com.xxx.MyCustomLoginModule1"
  |                             flag="sufficient">
  |                             <module-option 
name="tryFirstPass">true</module-option>
  |                             <module-option 
name="replacePass">true</module-option>
  |                     </login-module>
  |             
  |                     <login-module
  |                             code="com.xxx.MyCustomLoginModule2"
  |                             flag="sufficient">
  |                     </login-module>
  |                     
  | </authentication>
  |     </application-policy>
  | </policy>
  | 

I have 2 problems:
1) My login/commit methods in MyCustomLoginModule1 and MyCustomLoginModule2 are 
called twice. Is it supposed to work like that ? 
>From what I read about login modules, I think I should get a single 
>login/commit or login/abort - depending on the overall result.

2) In my current tests MyCustomLoginModule2 does the main work - it is the one 
that performs the login. As I was saying, I get 2 calls to the login method: 
one of them is succesfull, the other is not. 
 - If I set required for MyCustomLoginModule2, I'm getting a failed overall 
result  because one of the logins fails.(if it would be only one, I woulnd't 
have this problem).
 - If I set sufficient for it, my calls pass through, no matter if the 
credentials are valid or not (and that's because ClientLoginModule is always 
successful, so the overall is successful). For some weird reason, the login 
that fails doesn't have any importance here.. 
  
Any help would be greatly appreciated !

View the original post : 
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3995897#3995897

Reply to the post : 
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3995897
_______________________________________________
jboss-user mailing list
[email protected]
https://lists.jboss.org/mailman/listinfo/jboss-user

Reply via email to