I don't know why that would be. Perhaps your initialize() isn't doing everything it should, or another login module is doing something bad?
-----Original Message----- From: cw [mailto:[EMAIL PROTECTED] Sent: 19 January 2008 05:04 To: [email protected] Subject: tomcat credential integration from existing userpassword table In my repository, i put this <Security appName="Jackrabbit"> <!-- access manager: class: FQN of class implementing the AccessManager interface --> <AccessManager class="org.apache.jackrabbit.core.security.SimpleAccessManager"> <!-- <param name="config" value="${rep.home}/access.xml"/> --> </AccessManager> <LoginModule class="org.apache.jackrabbit.core.security.ABCLoginModule"> <!-- anonymous user name ('anonymous' is the default value) --> <param name="anonymousId" value="anonymous"/> </LoginModule> </Security> when my code, came across Repository r = getRepository(); Credentials credentials = new SimpleCredentials(USERID, PASSWORD); session = r.login(credentials); ABCLoginModule method is executed. but I get null for System.out.println("calls[0]"+((NameCallback) calls[0]).getName()); in login method. //my login module public boolean login() { try { Callback[] calls = new Callback[2]; calls[0] = new NameCallback("name"); calls[1] = new PasswordCallback("Password", false); if (callbackHandler == null) { callbackHandler.handle(calls); } System.out.println("calls[0]"+((NameCallback) calls[0]).getName()); System.out.println("calls[1]"+String.valueOf(((PasswordCallback) (calls[1])).getPassword())); cbName = ((NameCallback) calls[0]).getName(); if (cbName== (null)) { throw new LoginException("name must not be null"); } cbPassword = String.valueOf(((PasswordCallback) (calls[1])).getPassword()); if (cbPassword==(null)) { throw new LoginException("password must not be null"); } System.out.println("cbPassword"+cbPassword); verification=true; } catch (IOException ex) { Logger.getLogger(RealMalaysiaLoginModule.class.getName()).log(Level.SEVE RE, null, ex); } catch (UnsupportedCallbackException ex) { Logger.getLogger(RealMalaysiaLoginModule.class.getName()).log(Level.SEVE RE, null, ex); } catch (LoginException ex) { Logger.getLogger(RealMalaysiaLoginModule.class.getName()).log(Level.SEVE RE, null, ex); } return verification; } i cannot pass username and password to login module Connor Brett <[EMAIL PROTECTED]> wrote: You'll need to: 1 create an implementation of javax.security.auth.spi.LoginModule.LoginModule (see any JAAS documentation / tutorial on this - public boolean login() is the interesting part) 2 configure it in your repository.xml along the lines of: class="org.apache.jackrabbit.core.security.SimpleAccessManager"/> 3 configure your system to use your JAAS module under a policy name. We use Jboss, so we have an entry in the jboss login-config like: -----Original Message----- From: cw [mailto:[EMAIL PROTECTED] Sent: 17 January 2008 10:05 To: [email protected] Subject: RE: credential integration from existing userpassword table i need to create new class myClassModule ? any example on this? class="org.apache.jackrabbit.core.security.SimpleLoginModule"> Connor Brett wrote: Jackrabbit supports JAAS. You need a JAAS login module & configure JR to use it in repository.xml. -----Original Message----- From: cw [mailto:[EMAIL PROTECTED] Sent: 17 January 2008 02:27 To: [email protected] Subject: credential integration from existing userpassword table the credential that i'm using for jackrabbit is as below Credentials credentials = new SimpleCredentials(USERID, PASSWORD); session = r.login(credentials); . How to integrate our existing userpasswordtable db with this credentail to authenticate user? currently, jackrabbit just accept any username and password pair. also, i'm using sample "simplewebdavservlet". how to limit user to login ? E-MAIL DISCLAIMER The information in this e-mail and any attachment is confidential. It is intended only for the named recipient(s). If you are not a named recipient please notify the sender immediately and do not disclose the contents to another person or take copies. Although Axxia Systems has taken every reasonable precaution to ensure that any attachment to this e-mail has been checked for viruses,it is strongly recommended that you carry out your own virus check before opening any attachment, as we cannot accept liability for any damage sustained as a result of software virus infection. Axxia Systems reserves the right to monitor and record e-mails sent to axxia.com, and senders of such messages shall be taken to consent to this. Registered Office: Axxia House, Unit 4, The Pavilions, Ruscombe Business Park, Twyford, Berkshire, RG10 9NN. Registration Number: 3019229
