Hi, I am using JBoss4.01 and trying to get JAAS working. Requirements - 1.Some pages can be viewed by everybody without login(anonymous) 2.Page A requires login depending on client IP address. If the client IP matches with a predefined one, no need to login and hence the resource is not a protected one, otherwise a login needs to happen.
My approach - As soon as user accesses the site, a filter would try to (implicitly)login the user and return a 'priviligedrole' if the IP matches. Right now I have written my own CallbackHandler and Loginmodule(very basic), but I get a null pointer exception because there is no password/IP set. The problem - 1.How do I pass the IP address 2.Can I make use of the ClientLoginModule. 3.If I fake the password field and actually pass the IP address, how do I actually pass the password when login is reqd. 4.Is my approach of implicit logging commonly used? Is there anything to be careful about I have read the JAAS How to guide, but that also does not seem to answer my question. I'd appreciate your response. Thanx View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3880713#3880713 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3880713 ------------------------------------------------------- This SF.Net email is sponsored by: NEC IT Guy Games. How far can you shotput a projector? How fast can you ride your desk chair down the office luge track? If you want to score the big prize, get to know the little guy. Play to win an NEC 61" plasma display: http://www.necitguy.com/?r=20 _______________________________________________ JBoss-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/jboss-user
