I have written following class to authenticate users ( magnolia and my web app
module )stored in my own db.
For the test purpose I have used some mock data hardcoded inside the class -
but this is not a problem since the class can't be seen by magnolia
[code]public class ExternalJAASModule extends JCRAuthorizationModule {
User user;
@Override
public void validateUser() throws LoginException {
this.user = authenticate(this. name, new String(this.pswd));
if (this.user == null) {
throw new FailedLoginException("User not found or password
incorrect");
}
if (this.user.getAllGroups() != null) {
this.setGroupNames((Set<String>)this.user.getAllGroups());
}
if (this.user.getAllRoles() != null) {
this.setRoleNames((Set) this.user.getAllRoles());
}
}
@Override
public void setEntity() {
//EntityImpl entity = new EntityImpl();
Entity user = new EntityImpl(); //<-deprecated
user.addProperty(Entity.LANGUAGE, this.user.getLanguage());
user.addProperty(Entity.NAME, this.user.getName());
user.addProperty(Entity.PASSWORD, new String(this.pswd));
this.subject.getPrincipals().add(user);
}
private User authenticate(String name, String passwd){
HashMap<String, String> map = new HashMap<String, String>();
map.put(Entity.LANGUAGE, "gb");
map.put(Entity.NAME, "Jan");
map.put(Entity.PASSWORD, "Jan");
map.put(Entity.EMAIL, "[email protected]");
GroupList grList = new GroupListImpl();;
grList.add("publishers");
RoleList roleList = new RoleListImpl();
roleList.add("superuser");
roleList.add("app_admin");
//ExternalUser user = new ExternalUser(map, grList, roleList);
User user = new ExternalUserManager().getUser( map, grList,
roleList );
return user;
}[/code]
jaas.config
[code]magnolia {
security.jaas.ExternalJAASModule sufficient;
info.magnolia.jaas.sp.jcr.JCRAuthenticationModule requisite;
info.magnolia.jaas.sp.jcr.JCRAuthorizationModule required;
};
[/code]
I also need to mention that security.jaas.ExternalJAASModule in class placed in
my blossom-sample-module while jaas.config is placed in
magnolia-blossom-sample-webapp. Can it be a problem ?
When I'm trying to login from default magnolia page I'm getting following error:
[code]ERROR info.magnolia.cms.security.SecuritySupportBase : Can't login due
to:
javax.security.auth.login.LoginException: No LoginModules configured for
magnolia
at javax.security.auth.login.LoginContext.init(LoginContext.java:256)
at javax.security.auth.login.LoginContext.<init>(LoginContext.java:403)
at
info.magnolia.cms.security.SecuritySupportBase.createLoginContext(SecuritySupportBase.java:88)
at
info.magnolia.cms.security.SecuritySupportBase.authenticate(SecuritySupportBase.java:60)
at
info.magnolia.cms.security.SecuritySupport$$EnhancerByCGLIB$$2db78792.authenticate(<generated>)
at
info.magnolia.cms.security.auth.login.LoginHandlerBase.authenticate(LoginHandlerBase.java:46)
at
info.magnolia.cms.security.auth.login.FormLogin.handle(FormLogin.java:75)
at
info.magnolia.cms.security.auth.login.LoginFilter.doFilter(LoginFilter.java:69)
at
info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:89)
at
info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:80)[/code]
--
Context is everything:
http://forum.magnolia-cms.com/forum/thread.html?threadId=9edd8eba-b34f-4788-bab1-a875eec35430
----------------------------------------------------------------
For list details, see http://www.magnolia-cms.com/community/mailing-lists.html
Alternatively, use our forums: http://forum.magnolia-cms.com/
To unsubscribe, E-mail to: <[email protected]>
----------------------------------------------------------------
