tomee-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dain Sundstrom <d...@iq80.com>
Subject Re: Custom JAAS LoginModule: Principal with empty name provided
Date Thu, 04 Sep 2008 16:44:53 GMT
IIRC, OpenEJB performs a single "fake" login after installing the  
security service in an effort to cause the login module to initialize  
early.  The security service performs this in a try catch that ignores  
any exceptions.

-dain

On Sep 3, 2008, at 6:46 AM, Martin Vysny wrote:

> Hello guys,
>  we tried to supply our custom JAAS LoginModule to OpenEJB. It works
> beautifully, I have just one question.
> When the OpenEJB is created (using the new InitialContext(properties)
> construct), it invokes this LoginModule and the handler supplies an
> empty string as an username in NameCallback. This isn't surprising
> though: I do not provide any username nor credentials to the
> InitialContext. What should I do?
> - should I expect empty string in LoginModule and throw  
> LoginException?
> - or should I provide some username/password? This is probably rather
> weird as no ejb method is being called...
>
> Thanks!
> Martin
>
> ps: please see attached stack trace for quick reference.
> <stacktrace.txt>


Mime
View raw message