You need to write a custom login module for this. It should be pretty easy to modify the sql login module, but you definitely can't use the existing one. For one thing you need a CallableStatement to execute the stored procedure. On the other hand the java code should be a lot simpler.
thanks david jencks On Jul 30, 2010, at 4:06 PM, Tim McConnell wrote: > Hi, I would like to use standard J2EE Form-based authentication using a > j_security_check request to authenticate a user against an Oracle database. > However, the password stored in the database is encrypted, and the only way > to authenticate against that database is to invoke a stored-procedure passing > the Usernanme/Password from the login form, and the stored-procedure will > return a 'Y' or 'N' indicating the success/failure of the authentication. > This doesn't seem to me to fit into the "Database (SQL) Realm" that I see in > Geronimo where a "User SELECT SQL" statement is required to return two > columns: Username and Password. > > Is this scenario easily possible with the current Security Realm types in > Geronimo ?? Or do I need to use the "Other" security realm type and write a > custom Login module ?? Examples would be appreciated. Thanks much..... > > -- > Tim McConnell
