I know the security in Seam is not yet finished, but so far I cannot
implement my use case. Let me explain:

On my login form I have 3 input fields: a username, a password and a domain.

When the user clicks the login button, the system needs to get all login
modules configured for the given domain and authenticate against them
according to the configuration.

So what I would need is a configuration like this (login-config from JBoss AS):

  | <application-policy name="internal"> <!-- name is the given domain -->
  |     <authentication>
  |         <login-module code="foo.bar.LDAPLoginModule" flag="optional">
  |             <module-option name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option>
  |             <module-option name="java.naming.provider.url">ldap://1.2.3.4:389/</module-option>
  |             <module-option name="java.naming.security.authentication">simple</module-option>
  |             <module-option name="principalDNPrefix">uid=</module-option>
  |             <module-option name="principalDNSuffix">,ou=User,dc=test2,dc=local</module-option>
  |             <module-option name="roleName">OpenLDAP</module-option>
  |         </login-module>
  |         <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="optional">
  |             <module-option name="dsJndiName">java:/LoginDS</module-option>
  |             <module-option name="principalsQuery">select Password from Principals where PrincipalID=?</module-option>
  |             <module-option name="rolesQuery">select Role, RoleGroup from Roles where PrincipalID=?</module-option>
  |         </login-module>
  |     </authentication>
  | </application-policy>
  |
  | <application-policy name="external">
  |     <authentication>
  |         <login-module code="foo.bar.LDAPLoginModule" flag="optional">
  |             <module-option name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option>
  |             <module-option name="java.naming.provider.url">ldap://20.30.40.50:389/</module-option>
  |             <module-option name="java.naming.security.authentication">simple</module-option>
  |             <!--module-option name="principalDNPrefix">uid=</module-option-->
  |             <module-option name="principalDNSuffix">@test.local</module-option>
  |             <module-option name="roleName">Active Directory</module-option>
  |         </login-module>
  |         <loginmodule class="foo.bar.SeamCustomLoginModule" flag="required">
  |             <option name="paramTypes">
  |                 java.lang.String,java.lang.String,java.lang.String,java.util.Set
  |             </option>
  |             <option name="authMethod">
  |                 #{authenticator.authenticate}
  |             </option>
  |         </loginmodule>
  |     </authentication>
  | </application-policy>

Please note that the attribute name in application-policy should match the
domain the user selects on the login form, and authentication should then be
performed against the login modules in this application-policy.

Maybe someone can give me a pointer on what to extend or how to support such
an authentication use case.

Regards, Mike

View the original post : 
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4002979#4002979
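
One way to map the domain field onto a JAAS entry name, as an added example that is not part of the original post and not Seam or JBoss code: `DomainLogin`, `DemoModule`, the in-memory `CONFIG` and the `demoPassword` option are hypothetical stand-ins for the application-policy entries above. It assumes the container's JAAS `Configuration` exposes each application-policy under its name, and it checks the submitted domain against an allowlist before it reaches `LoginContext`.

```java
import java.util.*;
import javax.security.auth.Subject;
import javax.security.auth.callback.*;
import javax.security.auth.login.*;
import javax.security.auth.spi.LoginModule;
public class DomainLogin {
    // Domains offered on the login form; each names one configured policy.
    static final Set<String> DOMAINS = Set.of("internal", "external");
    public static class DemoModule implements LoginModule { // hypothetical stand-in for the LDAP/database modules
        private CallbackHandler handler;
        private Map<String, ?> options;
        public void initialize(Subject s, CallbackHandler h, Map<String, ?> shared, Map<String, ?> opts) {
            handler = h; options = opts;
        }
        public boolean login() throws LoginException {
            PasswordCallback pw = new PasswordCallback("password", false);
            try { handler.handle(new Callback[] { pw }); }
            catch (Exception e) { throw new LoginException(e.toString()); }
            char[] expected = ((String) options.get("demoPassword")).toCharArray(); // constructed secret
            if (!Arrays.equals(pw.getPassword(), expected)) throw new FailedLoginException("bad credentials");
            return true;
        }
        public boolean commit() { return true; }
        public boolean abort() { return true; }
        public boolean logout() { return true; }
    }
    // Constructed in-memory configuration: one entry per domain, named after it.
    static final Configuration CONFIG = new Configuration() {
        public AppConfigurationEntry[] getAppConfigurationEntry(String name) {
            if (!DOMAINS.contains(name)) return null;
            return new AppConfigurationEntry[] { new AppConfigurationEntry(DemoModule.class.getName(),
                AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, Map.of("demoPassword", name + "-pw")) };
        }
    };
    static boolean authenticate(String domain, String user, char[] password) {
        // Check the form value first: LoginContext falls back to the "other" entry for unknown names.
        if (domain == null || !DOMAINS.contains(domain)) return false;
        CallbackHandler handler = callbacks -> {
            for (Callback c : callbacks)
                if (c instanceof NameCallback) ((NameCallback) c).setName(user);
                else if (c instanceof PasswordCallback) ((PasswordCallback) c).setPassword(password);
        };
        try { new LoginContext(domain, new Subject(), handler, CONFIG).login(); return true; } // entry name == domain
        catch (LoginException e) { return false; }
    }
    public static void main(String[] args) {
        for (String d : new String[] { "internal", "external", "other" })
            System.out.println(d + " -> " + authenticate(d, "mike", "internal-pw".toCharArray()));
    }
}
```

Inside a container the two-argument `new LoginContext(domain, handler)` would resolve the name against the installed configuration instead of `CONFIG`, which makes the allowlist check matter more, since any entry name present there would otherwise be selectable from the form.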
