Thanks for your help djenks: I got this idea / example from what must be some dated code on the IBM dev site: http://publib.boulder.ibm.com/infocenter/iseries/v5r3/index.jsp?topic=/rzatz/51/sec/secdform.htm
I think the additional JAAS login module in front of the Authentication module could work I'm just not sure how to implement that in geronimo. Would I need to add another module configuration to the existing realm, or would I add an additional realm for the application? So far, I've been able to configure/customize one of the packaged Database (SQL) Realms to do the authentication work for the application but adding another module seems tricky? Thanks for your input though. Bill. djencks wrote: > > The filter approach isn't going to work AFAIK because the security > constraints have to be evaluated/applied/etc before any user code > such as filters are run. In fact IIUC there is no j_security_check > "servlet", that is handled directly by the web containers security > system. > > Is there some reason you can't put your validation logic in an > (additional) login module? > > thanks > david jencks > > On Jul 18, 2007, at 9:05 AM, Bill Brown wrote: > >> >> Greetings: >> >> I have an app with container managed security. There is a login >> form that >> uses j_username and j_password to post to j_security_check. I >> would like to >> perform some validation on the j_username and j_password to make >> sure the >> data entered is valid before checking the credentials against the >> db. I >> tried using a filter with filter-mapping in web.xml, but the filter >> isn't >> getting called. Below is the filter mapping. Does anyone know how >> to do >> this in geronimo 2.0? Is this possible? >> >> <filter> >> <filter-name>loginValidator</filter-name> >> <filter-class> >> com.abc..LoginValidateFilter >> </filter-class> >> </filter> >> >> <filter-mapping> >> <filter-name>loginValidator</filter-name> >> <url-pattern>/j_security_check</url-pattern> >> <dispatcher>REQUEST</dispatcher> >> <dispatcher>FORWARD</dispatcher> >> </filter-mapping> >> >> I also tried the mapping without the <dispatcher> elements and it >> didn't >> work either. Thanks for any more information or clarification. >> >> Bill. >> >> -- >> View this message in context: http://www.nabble.com/filter-mapping- >> for-j_security_check-tf4104213s134.html#a11671705 >> Sent from the Apache Geronimo - Users mailing list archive at >> Nabble.com. >> > > > -- View this message in context: http://www.nabble.com/validation-for-j_security_check-tf4104213s134.html#a11672763 Sent from the Apache Geronimo - Users mailing list archive at Nabble.com.
