The JAAS login module should connect to LDAP and collect the user's details like last name, phone number, fax number, and other details, and this should be made available to the application. Also, in cases of errors or exceptions in JAAS authentication, the user should be forwarded to a Login JSP page. So I was thinking that if I am able to call a module in the ServletFilter, then I should be able to forward the user to other pages when needed and also put the user details in session, as a Servlet Filter has access to HttpServletRequest.

Please let me know how to achieve this in Geronimo and what is the concept of realms here.

Thanks,
Priya

--- Aaron Mulder <[EMAIL PROTECTED]> wrote:

> What's the "collecting user details" part of this?
>
> For example, if you use J2EE security and HTTP Basic authentication,
> you can have the user's username and password (provided by HTTP Basic
> auth) resolved against a JAAS LoginModule (configured as a Geronimo
> security realm) and no servlet filter is necessary. That will let the
> application access the current user's username, and check whether
> they're in any particular J2EE security role to make finer-grained
> authorization decisions.
>
> It would not, however, let you look up the user's address and phone
> number, even if that was somehow stuffed into the Subject by the JAAS
> LoginModule.
>
> How well does this fit what you're trying to do?
>
> Thanks,
> Aaron
>
> On 9/20/06, sreepriya ramakrishnan <[EMAIL PROTECTED]> wrote:
> > Hi,
> >
> > These are the requirements:
> >
> > The application should use an HTTP Basic authentication with JAAS
> > for authenticating the user and collecting user details.
> >
> > In all examples related to JAAS, I see that they use a Servlet
> > Filter which uses a LoginContext to invoke the JAAS LoginModule and
> > then they populate the user details in the Subject. They then use
> > the same LoginContext to retrieve the user details from the Subject.
> > Doing it this way will enable me to populate the user details in
> > session so that it is available to the application.
> >
> > I am not sure how to achieve this with Geronimo.
> >
> > Thanks,
> > Priya
> >
> > --- Aaron Mulder <[EMAIL PROTECTED]> wrote:
> >
> > > Can you say a little more about what you're trying to do? For
> > > example, why are you accessing JAAS via a Servlet Filter instead
> > > of just using J2EE security? It is possible for you to access
> > > Geronimo security features from a filter but the best way may
> > > depend on what you're trying to accomplish.
> > >
> > > Thanks,
> > > Aaron
> > >
> > > On 9/20/06, sreepriya ramakrishnan <[EMAIL PROTECTED]> wrote:
> > > > Hi,
> > > >
> > > > I am having problems understanding how Geronimo and JAAS work
> > > > together.
> > > >
> > > > If I want to use a ServletFilter to access a Geronimo deployed
> > > > custom Login Module, how will I do that and how will the
> > > > configuration in Geronimo be? Should I use security realms?
> > > >
> > > > Your help will be greatly appreciated. I have been stuck with
> > > > this for quite some time now and was wondering if you can help
> > > > me.
> > > >
> > > > Thanks,
> > > > Priya
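
The servlet-filter approach discussed in this thread, sketched as an added example that is not part of the original messages and is not Geronimo's own code. It assumes Java 8 and the Servlet 3.1+ API; the realm name `my-ldap-realm`, the session attribute `userPrincipals` and the `/login.jsp` path are hypothetical, and the realm name must match a JAAS configuration entry that the container exposes to the web application.

```java
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.Principal;
import java.util.*;
import javax.security.auth.callback.*;
import javax.security.auth.login.*;
import javax.servlet.*;
import javax.servlet.http.*;

public class JaasLoginFilter implements Filter {
    static final String REALM = "my-ldap-realm";   // hypothetical JAAS entry / realm name
    static final String LOGIN_PAGE = "/login.jsp"; // hypothetical path, keep it outside this filter's mapping
    public void init(FilterConfig cfg) {}
    public void destroy() {}

    public void doFilter(ServletRequest rq, ServletResponse rs, FilterChain chain) throws IOException, ServletException {
        HttpServletRequest req = (HttpServletRequest) rq;
        HttpSession old = req.getSession(false);
        if (old != null && old.getAttribute("userPrincipals") != null) {
            chain.doFilter(rq, rs); // already authenticated in this session
            return;
        }
        try {
            String[] cred = basicCredentials(req.getHeader("Authorization"));
            // The handler answers the LoginModule's callbacks with the Basic auth credentials.
            LoginContext lc = new LoginContext(REALM, callbacks -> {
                for (Callback cb : callbacks) {
                    if (cb instanceof NameCallback) ((NameCallback) cb).setName(cred[0]);
                    else if (cb instanceof PasswordCallback) ((PasswordCallback) cb).setPassword(cred[1].toCharArray());
                    else throw new UnsupportedCallbackException(cb);
                }
            });
            lc.login(); // runs the configured LoginModule(s); throws LoginException on failure
            List<String> names = new ArrayList<>();
            for (Principal p : lc.getSubject().getPrincipals()) names.add(p.getName());
            req.getSession(true).setAttribute("userPrincipals", names); // principals only, never the password
            req.changeSessionId(); // fresh session id after login, guards against session fixation
            chain.doFilter(rq, rs);
        } catch (LoginException | IllegalArgumentException e) {
            req.getRequestDispatcher(LOGIN_PAGE).forward(rq, rs); // failed, missing or malformed credentials
        }
    }

    // Parses "Basic base64(user:password)"; throws IllegalArgumentException on anything else.
    static String[] basicCredentials(String header) {
        if (header == null || !header.regionMatches(true, 0, "Basic ", 0, 6)) throw new IllegalArgumentException("no Basic credentials");
        String decoded = new String(Base64.getDecoder().decode(header.substring(6).trim()), StandardCharsets.UTF_8);
        int colon = decoded.indexOf(':');
        if (colon < 0) throw new IllegalArgumentException("malformed credentials");
        return new String[] { decoded.substring(0, colon), decoded.substring(colon + 1) };
    }
}
```

A LoginModule that wants to expose LDAP attributes such as a phone number would add its own Principal objects to the Subject during `commit()`; the filter then copies whatever principals it finds. HTTP Basic sends the password on every request, so the mapping should only be reachable over TLS.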
