tomee-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Blevins <david.blev...@visi.com>
Subject Re: Custom JAAS LoginModule: Principal with empty name provided
Date Thu, 04 Sep 2008 17:37:28 GMT
That's pretty much right.  The exact code looks like this:

         try {
             // Perform a login attempt (which should fail)
             // simply to excercise the initialize code of any
             // LoginModules that are configured.
             // They should have a chance to perform any special
             // boot-time code that they may need.
             login("","");
         } catch (Throwable e) {
         }

We can probably create a flag you could set to disable that behavior  
if you'd rather not get the call.

-David


On Sep 4, 2008, at 9:44 AM, Dain Sundstrom wrote:

> IIRC, OpenEJB performs a single "fake" login after installing the  
> security service in an effort to cause the login module to  
> initialize early.  The security service performs this in a try catch  
> that ignores any exceptions.
>
> -dain
>
> On Sep 3, 2008, at 6:46 AM, Martin Vysny wrote:
>
>> Hello guys,
>> we tried to supply our custom JAAS LoginModule to OpenEJB. It works
>> beautifully, I have just one question.
>> When the OpenEJB is created (using the new InitialContext(properties)
>> construct), it invokes this LoginModule and the handler supplies an
>> empty string as an username in NameCallback. This isn't surprising
>> though: I do not provide any username nor credentials to the
>> InitialContext. What should I do?
>> - should I expect empty string in LoginModule and throw  
>> LoginException?
>> - or should I provide some username/password? This is probably rather
>> weird as no ejb method is being called...
>>
>> Thanks!
>> Martin
>>
>> ps: please see attached stack trace for quick reference.
>> <stacktrace.txt>
>
>


Mime
View raw message