Thanks guys,
I think I've made some headway.... although I'm still having problems.
Here's the latest.....
In the thisSiteLoginCode-1.0.jar I have the loginModule and custom userCallback classes (and a custom exception).
In my custom loginModule, I create a callback array:
Callback[] callbacks = new Callback[3];
callbacks[0] = new NameCallback("Enter user name");
callbacks[1] = new PasswordCallback("Enter password",true);
callbacks[2] = new UserCallback();
then I ask the callbackHandler to handle it....
callBackHandler.handle(callbacks);
Then it goes into the loginCallBackHandler and I iterate through the callback array
for (int i=0; i < callbacks.length; i++)
{
if (callbacks[i] instanceof NameCallback)
{
((NameCallback)callbacks[i]).setName(getEmail());
}
else if (callbacks[i] instanceof PasswordCallback)
{
blah blah
}
else if (callbacks[i] instanceof UserCallback)
{
((UserCallback) callbacks[i]).setUser(retrievedUser);
}
else
{
throw new UnsupportedCallbackException(callbacks[i]);
}
}
It gets through i = 0 , then i=1 but when i =2 it seems as though "callbacks[2] instanceof UserCallback" doesn't work.
I put some debug code in there (System.out.println(callbacks[2].toString());) and it does show the appropriate class name.
So, I'm wondering if perhaps when the original UserCallback was instantiated and put into the callbacks array, it was the class from the separated jar file. And now when it does the instanceof, is it possible that it's referencing the UserCallback in the packaged WAR file?
Has anyone else had a problem with this? Should I not be including the JARed classes in the WAR?
Thanks,
Eric
| "Aaron Mulder"
<[EMAIL PROTECTED]>
Sent by: [EMAIL PROTECTED] 21/03/2006 08:25 AM
|
|
The console does not yet let you specify a JAR where it should look
for the login module code -- there's an outstanding JIRA issue for
this. So what you need to do is configure things in the console (but
don't have it try a login), and then instead of deploying the security
realm right there, have it generate a plan for you, put the
<dependency> element David described into the plan (at the top, just
inside the main element), and then save that to a file and deploy it
on the command line like:
java -jar bin/deployer.jar deploy my-security-plan.xml
Thanks,
Aaron
On 3/21/06, David Jencks <[EMAIL PROTECTED]> wrote:
>
>
> On Mar 20, 2006, at 6:50 PM, [EMAIL PROTECTED] wrote:
>
> OK.....
>
> Since I've got a custom login module I've went ahead and packaged the
> module, callback, callbackHandler and principal into a jar and threw it into
> the /repository/login/thisSiteLoginCode-1.0.jar.
>
> Assuming this is the geronimo repository, it should be in
> repository/login/jars/thisSiteLoginCode-1.0.jar
>
> The plan that defines the GenericSecurityRealm and the LoginModule gbean
> needs to include
>
> <dependency>
> <groupId>login</groupId>
> <artifactId>thisSiteLoginCode</artifactId>
> <version>1.0</version>
> </dependency>
>
>
>
> Then I created a securty realm using the console defining, the module class,
> control flag to "requred", servier side to "servier side" and "no" support
> advanced mapping.
>
> Restarted the server and when I try a login, I get the following exception:
>
> org.apache.geronimo.common.GeronimoSecurityException:
> Unable to instantiate login module
> at
> org.apache.geronimo.security.jaas.server.JaasLoginModuleConfiguration.getLoginModule(JassLoginModuleConfiguration.java:71)
> ........
> further down:
>
> Caused by: java.lang.ClassNotFoundException:
> com.company.site.jaas.siteLoginModule.......
>
> I checked the common libraries and the jar seems to be there...... so what
> am I missing.
>
>
>
> <snip>
> I'm not exactly sure what the console does, so I recommend checking the
> plans it generates and posting them if the above doesn't work.
>
> thanks
> david jencks
>
>
