tomee-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Martin Vysny <...@whitestein.com>
Subject Re: Custom JAAS LoginModule: Principal with empty name provided
Date Fri, 05 Sep 2008 07:06:45 GMT
On Thu, 2008-09-04 at 10:37 -0700, David Blevins wrote:
> That's pretty much right.  The exact code looks like this:
> 
>          try {
>              // Perform a login attempt (which should fail)
>              // simply to excercise the initialize code of any
>              // LoginModules that are configured.
>              // They should have a chance to perform any special
>              // boot-time code that they may need.
>              login("","");
>          } catch (Throwable e) {
>          }
> 
> We can probably create a flag you could set to disable that behavior  
> if you'd rather not get the call.
> 
> -David
> 

Thanks for your response. I don't think there is need for this special
property: the valid LoginModule implementation will simply throw
LoginException on empty user so it's okay. I'll just turn off logging
for this special case ;)
Thanks!
Martin

> 
> On Sep 4, 2008, at 9:44 AM, Dain Sundstrom wrote:
> 
> > IIRC, OpenEJB performs a single "fake" login after installing the  
> > security service in an effort to cause the login module to  
> > initialize early.  The security service performs this in a try catch  
> > that ignores any exceptions.
> >
> > -dain
> >
> > On Sep 3, 2008, at 6:46 AM, Martin Vysny wrote:
> >
> >> Hello guys,
> >> we tried to supply our custom JAAS LoginModule to OpenEJB. It works
> >> beautifully, I have just one question.
> >> When the OpenEJB is created (using the new InitialContext(properties)
> >> construct), it invokes this LoginModule and the handler supplies an
> >> empty string as an username in NameCallback. This isn't surprising
> >> though: I do not provide any username nor credentials to the
> >> InitialContext. What should I do?
> >> - should I expect empty string in LoginModule and throw  
> >> LoginException?
> >> - or should I provide some username/password? This is probably rather
> >> weird as no ejb method is being called...
> >>
> >> Thanks!
> >> Martin
> >>
> >> ps: please see attached stack trace for quick reference.
> >> <stacktrace.txt>
> >
> >
> 
> 
-- 
Mgr. Martin Vysny | mvy@whitestein.com
Software Engineer
Whitestein Technologies s.r.o | www.whitestein.com
Panenska 28 | 811 03 Bratislava | Slovak Republic
Main +421 2 5443-5502 | Direct +421 2 5930-0717


Mime
View raw message