Initialize method in JAAS login module

Hi All,
In my JAAS login module (extended AbstractLoginModule) deployed on WAS 6.40 (sneak preview) my initialize method is being called for every browser session. I have added some logging in the login module contructor, even that is being called for every new browser session. Is this the expected behaviour?
I guess the initialize method should be called on once.
regards,
Vishal

Hi,
We had the same problem.
What we found was that Sap has a new Login Module called HeaderVariableLoginModule which you have to create using the class com.sap.security.core.server.jaas.HeaderVariableLoginModule. You can do this in NWA -> Configuration -> Authentication and Single Sign-On -> Login Module, then click on the create button and fill out the fields with the information i just gave you.
The list of Login Modules should now include HeaderVariableLoginModule, which you can configure by selecting the row of this module, and adding two options- ume.configuration.active=true and Header=REMOTE_USER.
It appears that this Login Module is covertly delivered as a class in every Netweaver version >= 7.0.
Good luck,
Steven McElwee, Duke University
PS- I tried to attach a word document that shows the procedure for this, but this system rejected it. I can email it you if you let me know where to send it. In our case we used "Header=uid" rather than "Header="REMOTE_USER".

Similar Messages

Problems deploying custom JAAS login module (ClassNotFound)

Hi,
I've developed a custom made JAAS login module that filters on IP addresse which I am moving from 6.20 to 6.40.
I've pretty much followed the procedures from http://help.sap.com/saphelp_nw04/helpdata/de/46/3ce9402f3f8031e10000000a1550b0/content.htm , the only major difference is that I needed a reference to WebCallback and therefore a reference to com.sap.security.api.sda from my library project.
I've especially followed the step with "Adding a Reference to the Classloader of the Security Provider" (http://help.sap.com/saphelp_nw04/helpdata/de/2b/23e4407211732ae10000000a155106/content.htm) , but I think its this step that fails. This has been set to library:<library name> , where <library name> is what is written on the right hand side of visual admin under library. I see that the library is deployed under the folder bin\ext\customer.com~com.customer.portal.login.IPRuleLibrary , so maybe I will try that name tomorrow morning.
The exceptions I get are
#1.5#001321B3B106005C0000000800002E380004039375E59BA6#1129831779936#com.sap.engine.services.security#sap.com/irj#com.sap.engine.services.security#Guest#1####ae7c5500419411daa7fd001321b3b106#SAPEngine_Application_Thread[impl:3]_17##0#0#Error#1#/System/Audit#Java###Exception #1#com.sap.engine.services.security.exceptions.BaseSecurityException: Cannot load a login module.
 at com.sap.engine.services.security.login.LoginContextFactory.init(LoginContextFactory.java:95)
 at com.sap.engine.services.security.login.LoginContextFactory.getLoginContext(LoginContextFactory.java:133)
 at com.sap.engine.services.security.server.AuthenticationContextImpl.getLoginContext(AuthenticationContextImpl.java:227)
 at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
 at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
 at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
 at java.lang.reflect.Method.invoke(Method.java:324)
 at com.sap.engine.system.SystemLoginModule.initialize(SystemLoginModule.java:72)
 at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
 at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
 at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
 at java.lang.reflect.Method.invoke(Method.java:324)
 at javax.security.auth.login.LoginContext.invoke(LoginContext.java:662)
 at javax.security.auth.login.LoginContext.access$000(LoginContext.java:129)
 at javax.security.auth.login.LoginContext$4.run(LoginContext.java:610)
 at java.security.AccessController.doPrivileged(Native Method)
 at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:607)
 at javax.security.auth.login.LoginContext.login(LoginContext.java:534)
 at com.sap.security.core.logon.imp.SAPJ2EEAuthenticator.getLoggedInUser(SAPJ2EEAuthenticator.java:86)
 at com.sapportals.portal.prt.service.authenticationservice.AuthenticationService.getLoggedInUser(AuthenticationService.java:305)
 at com.sapportals.portal.prt.connection.UMHandler.handleUM(UMHandler.java:96)
 at com.sapportals.portal.prt.connection.ServletConnection.handleRequest(ServletConnection.java:186)
 at com.sapportals.portal.prt.dispatcher.Dispatcher$doService.run(Dispatcher.java:522)
 at java.security.AccessController.doPrivileged(Native Method)
 at com.sapportals.portal.prt.dispatcher.Dispatcher.service(Dispatcher.java:405)
 at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
 at com.sap.engine.services.servlets_jsp.server.servlet.InvokerServlet.service(InvokerServlet.java:156)
 at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
 at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork(RequestDispatcherImpl.java:295)
 at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:351)
 at com.sap.portal.navigation.Gateway.service(Gateway.java:68)
 at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
 at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:390)
 at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:264)
 at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:347)
 at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:325)
 at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:887)
 at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:241)
 at com.sap.engine.services.httpserver.server.Client.handle(Client.java:92)
 at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:148)
 at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
 at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
 at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
 at java.security.AccessController.doPrivileged(Native Method)
 at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:95)
 at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:159)
Caused by: java.lang.ClassNotFoundException: com.customer.portal.login.IPRuleLoginModule
Found in negative cache
- Loader Info -
ClassLoader name: [common:library:com.sap.security.api.sda;library:com.sap.security.core.sda;library:security.class;library:webservices_lib;service:adminadapter;service:basicadmin;service:com.sap.security.core.ume.service;service:configuration;service:connector;service:dbpool;service:deploy;service:jmx;service:jmx_notification;service:keystore;service:security;service:userstore]
Parent loader name: [Frame ClassLoader]
References:
 library:com.sap.ip.basecomps
 library:core_lib
 common:library:IAIKSecurity;library:activation;library:mail;library:tcsecssl
 library:servlet
 library:sapxmltoolkit
 library:com.sap.mw.jco
 library:com.sap.util.monitor.jarm
 library:j2eeca
 library:opensql
 interface:security
 interface:log
 interface:shell
 interface:keystore_api
 library:ejb20
 interface:webservices
 library:com.sap.guid
 interface:appcontext
 interface:endpoint_api
 interface:resourceset_api
 interface:resourcecontext_api
 common:service:iiop;service:naming;service:p4;service:ts
 interface:ejbcomponent
 interface:container
 interface:visual_administration
 interface:transactionext
 interface:dsr_ejbcontext_api
 service:timeout
 library:tc~jmx
 library:tcSLUTIL
 service:memory
 library:antlr
 library:jdbdictionary
 library:opensqlextensions
 interface:cross
 service:locking
 service:file
Resources:
 C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
ext
security.class
tc_sec_saml_toolkit_api.jar
 C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
services
adminadapter
adminadapter.jar
 C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
services
com.sap.security.core.ume.service
com.sap.security.core.ume.service.jar
 C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
ext
webservices_lib
jaxrpc-api.jar
 C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
ext
com.sap.security.api.sda
com.sap.security.api.jar
 C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
services
dbpool
opensqllib.jar
 C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
services
jmx
jmx_sec.jar
 C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
ext
webservices_lib
jaxm-api.jar
 C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
services
keystore
keystore.jar
 C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
services
security
security.jar
 C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
services
basicadmin
jstartupapi.jar
 C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
ext
security.class
tc_sec_saml_jaas.jar
 C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
services
connector
connectorimpl.jar
 C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
ext
webservices_lib
webservices_lib.jar
 C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
ext
security.class
tc_sec_jaas.jar
 C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
ext
security.class
tc_sec_saml_service_api.jar
 C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
ext
security.class
tc_sec_userstore_lib.jar
 C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
ext
webservices_lib
saaj-api.jar
 C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
ext
com.sap.security.core.sda
com.sap.security.core.jar
 C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
ext
com.sap.security.core.sda
com.sap.security.core.tpd.jar
 C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
ext
security.class
tc_sec_csi.jar
 C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
ext
security.class
tc_sec_ssf.jar
 C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
services
userstore
userstore.jar
 C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
services
dbpool
sqljimpl.jar
 C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
ext
security.class
tc_sec_saml_xmlbind.jar
 C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
ext
security.class
tc_sec_saml_util.jar
 C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
services
dbpool
dbpool.jar
 C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
services
deploy
deploy.jar
 C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
ext
security.class
tc_sec_saml_toolkit_core.jar
 C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
services
jmx
jmx.jar
 C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
ext
security.class
tc_sec_compat.jar
 C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
services
jmx_notification
jmx_notification.jar
 C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
services
configuration
configuration.jar
 C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
services
basicadmin
jstartupimpl.jar
 C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
ext
security.class
tc_sec_https.jar
 C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
services
basicadmin
basicadmin.jar
 C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
ext
security.class
tc_sec_jaas_test.jar
 C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
ext
com.sap.security.api.sda
com.sap.security.api.perm.jar
Loading model: {parent,local,references}
 at com.sap.engine.frame.core.load.ReferencedLoader.loadClass(ReferencedLoader.java:348)
 at com.sap.engine.services.security.Util.loadClass(Util.java:262)
 at com.sap.engine.services.security.Util.loadClassFromAdditionalLoaders(Util.java:204)
 at com.sap.engine.services.security.login.LoginContextFactory.init(LoginContextFactory.java:92)
 ... 45 more
#1.5#001321B3B106005C0000000900002E380004039375E5A109#1129831779936#com.sap.engine.services.security#sap.com/irj#com.sap.engine.services.security#Guest#1####ae7c5500419411daa7fd001321b3b106#SAPEngine_Application_Thread[impl:3]_17##0#0#Error##Java###Cannot load login module class .#1#com.customer.portal.login.IPRuleLoginModule#

Hi,
The problem was solved by using the name customer.com~com.customer.portal.login.IPRuleLibrary for the library (so basically look at the name of your library folder under cluster\j2ee\serverx\bin\ext , not the name reported by visual admin).
Also I was able to modify the properties of the login module runtime, which made me very happy
Dagfinn

Opinions on implementing a JAAS login module to achieve SSO

We are looking at implementing SSO from a sharepoint website to the portal. The users who are accessing the Sharepoint site are using their own computers and are not members of the AD Domain, so they could theoretically be using any computer in the world to access Sharepoint.
the desired user experience looks something like this.
user--login> sharepoint site -no login--
>portal
One of the methods we are looking at to achieve this is to implement a custom JAAS login module that would authenticate the user if they are coming from the Sharepoint site.
I would like to get your opinions on how viable you think this method is. One of the goals of this method is ease of implementation, so if you can think of an easier way to implement this please let us know.
the method is basically this.
1. User logs into sharepoint using their AD username and password and establish an active session with sharepoint
2. user navigates to a link in sharepoint that points to a resource in the SAP Portal
3. we don't want the user to have to login to access the resource when they click on the link
4. to facilitate this, sharepoint has constructed the link in the following way
5. the link is an https link
6. the link has two additional parameters in addition to whatever is necessary to navigate to the resource
7. the parameters are
8. un = the users AD username
9. uh = sha1("secret_password_known_to_both_the_login_module_and_sharepoint" + "username")
10. the user clicks the link and is directed to the SAP portal
11. the sap portal has a custom JAAS login module which performs it's checks before the other login modules
12. the custom module computes ( sha1("secret_password_known_to_both_the_login_module_and_sharepoint" + un)) and then compares the result with uh, if they are equal, the custom login module authenticates the user bypassing any further need for authentication, otherwise authentication passes to the original authentication modules as normal.
If you think there is an easier way, please let us know. We are essentially looking for the easiest/fastest way to implement this functionality that is still secure.

Hey Gary,
I'm currently using Apache running on RedHat that leverage Apache's mod_rewrite module. I've got a bank of 6 reverse proxies sitting in front of an SAP Portal and each proxy runs on a host with dual 3.33GHz processors and 8Gb or RAM. I know... they're waaay over-sized and they pretty much snooze all day.
This is the sole entry point for all SAP users and we sized them to accommodate the "worst case" of about 5000 (potential) named users, concurrently. Realistically, we've only ever had about 1500 unique users hitting the systems in a day (following an upgrade go-live, everybody is curious and wants to log on) and a typical load of about 500 to 750 users in a day.
Never had a real performance problem to speak of. As long as the proxies are tuned properly (ssl cache, sessions, etc.), you should be fine.
Setting header variables and some other "custom stuff" is handled in Perl (need Apache's mod_perl active). We've got a script that's called by all users before being passed to the Portal.
We used IISProxy.dll with an IIS web server a long time ago (5 years maybe?) but opted to can it in favor of the approach described above.
If you ask SAP, they'll recommend you use a WebDispatcher... and that's certainly an option as well.
-Kevin

JDEV deployment of web app with custom JAAS login module fails

For the first time, I am trying to implement a custom JAAS login module.
JDEV deployment to standalone OC4J only fails when my orion-application.xml is included. The deployment fails with a java.lang.InstantiationException.
This what I have done:
1) Wrote a custom LoginModule called com.whirlpoool.sjtc.jaas.gpa.LDAPLoginModule.
2) Put it and its dependent classes in a jar named sjtcjaas.jar.
3) Put the jar in $ORACLE_HOME\j2ee\home\lib
4) Changed library_path in $ORACLE_HOME\j2ee\home\config\application.xml to
<library path="../../home/lib/scheduler.jar;../../home/lib/sjtcjaas.jar" />
5) Added an orion-application.xml to the JDEV project. (I used an Oracle How-to as a pattern, see below.)
I think I'm close but no cigar, yet. Any help would be appreciated.
Regards,
Al Malin
=============== orion-application.xml ========================================
<?xml version="1.0"?>
<orion-application xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="http://xmlns.oracle.com/oracleas/schema/orion-application-10_0.xsd" deployment-version="10.1.3.0.0" default-data-source="jdbc/OracleDS" schema-major-version="10" schema-minor-version="0" >
<security-role-mapping name="sr_manager">
<group name="managers" />
</security-role-mapping>
<security-role-mapping name="sr_developer">
<group name="developers" />
</security-role-mapping>
<log>
<file path="application.log" />
</log>

<jazn-loginconfig>
<application>
<name>customjaas</name>
<login-modules>
<login-module>
<class>com.whirlpoool.sjtc.jaas.gpa.LDAPLoginModule</class>
<control-flag>required</control-flag>
<options>
<option>
<name>debug</name>
<value>true</value>
</option>
</options>
</login-module>
</login-modules>
</application>
</jazn-loginconfig>
</orion-application>

Starting OC4J from c:\oc4j\j2ee\home ...
2006-09-07 13:45:28.484 NOTIFICATION JMS Router is initiating ...
06/09/07 13:45:29 Oracle Containers for J2EE 10g (10.1.3.0.0) initialized
2006-09-07 13:45:58.609 NOTIFICATION Application Deployer for aam STARTS.
2006-09-07 13:45:58.640 NOTIFICATION Copy the archive to C:\oc4j\j2ee\home\applications\aam.ear
2006-09-07 13:45:58.656 NOTIFICATION Initialize C:\oc4j\j2ee\home\applications\aam.ear begins...
2006-09-07 13:45:58.656 NOTIFICATION Auto-unpacking C:\oc4j\j2ee\home\applications\aam.ear...
2006-09-07 13:45:58.687 NOTIFICATION Unpacking aam.ear
2006-09-07 13:45:58.687 NOTIFICATION Unjar C:\oc4j\j2ee\home\applications\aam.ear in C:\oc4j\j2ee\home\applications\aam
2006-09-07 13:45:58.750 NOTIFICATION Done unpacking aam.ear
2006-09-07 13:45:58.750 NOTIFICATION Finished auto-unpacking C:\oc4j\j2ee\home\applications\aam.ear
2006-09-07 13:45:58.750 NOTIFICATION Auto-unpacking C:\oc4j\j2ee\home\applications\aam\aam.war...
2006-09-07 13:45:58.750 NOTIFICATION Unpacking aam.war
2006-09-07 13:45:58.765 NOTIFICATION Unjar C:\oc4j\j2ee\home\applications\aam\aam.war in C:\oc4j\j2ee\home\applications\aam\aam
2006-09-07 13:45:58.765 NOTIFICATION Done unpacking aam.war
2006-09-07 13:45:58.765 NOTIFICATION Finished auto-unpacking C:\oc4j\j2ee\home\applications\aam\aam.war
2006-09-07 13:45:58.812 NOTIFICATION Initialize C:\oc4j\j2ee\home\applications\aam.ear ends...
2006-09-07 13:45:58.828 NOTIFICATION Starting application : aam
2006-09-07 13:45:58.828 NOTIFICATION Initializing ClassLoader(s)
2006-09-07 13:45:58.828 NOTIFICATION Initializing EJB container
2006-09-07 13:45:58.828 NOTIFICATION Loading connector(s)
2006-09-07 13:45:58.843 NOTIFICATION application : aam is in failed state
06/09/07 13:45:58 WARNING: Application.setConfig Application: aam is in failed state as initialization failedjava.lang.InstantiationException
Sep 7, 2006 1:45:58 PM com.evermind.server.Application setConfig
WARNING: Application: aam is in failed state as initialization failedjava.lang.InstantiationException
06/09/07 13:45:58 oracle.oc4j.admin.internal.DeployerException: java.lang.InstantiationException
06/09/07 13:45:58 at oracle.oc4j.admin.internal.ApplicationDeployer.addApplication(ApplicationDeployer.java:510)
06/09/07 13:45:58 at oracle.oc4j.admin.internal.ApplicationDeployer.doDeploy(ApplicationDeployer.java:191)
06/09/07 13:45:58 at oracle.oc4j.admin.internal.DeployerBase.execute(DeployerBase.java:93)
06/09/07 13:45:58 at oracle.oc4j.admin.jmx.server.mbeans.deploy.OC4JDeployerRunnable.doRun(OC4JDeployerRunnable.java:52)
06/09/07 13:45:58 at oracle.oc4j.admin.jmx.server.mbeans.deploy.DeployerRunnable.run(DeployerRunnable.java:81)
06/09/07 13:45:58 at EDU.oswego.cs.dl.util.concurrent.PooledExecutor$Worker.run(PooledExecutor.java:814)
06/09/07 13:45:58 at java.lang.Thread.run(Thread.java:595)
06/09/07 13:45:58 Caused by: java.lang.InstantiationException
06/09/07 13:45:58 at com.evermind.server.ApplicationStateRunning.initDataSources(ApplicationStateRunning.java:1424)
06/09/07 13:45:58 at com.evermind.server.ApplicationStateRunning.initializeApplication(ApplicationStateRunning.java:195)
06/09/07 13:45:58 at com.evermind.server.Application.setConfig(Application.java:391)
06/09/07 13:45:58 at com.evermind.server.Application.setConfig(Application.java:308)
06/09/07 13:45:58 at com.evermind.server.ApplicationServer.addApplication(ApplicationServer.java:1771)
06/09/07 13:45:58 at oracle.oc4j.admin.internal.ApplicationDeployer.addApplication(ApplicationDeployer.java:507)
06/09/07 13:45:58 ... 6 more
2006-09-07 13:45:58.890 NOTIFICATION Application Deployer for aam FAILED.
2006-09-07 13:45:58.890 NOTIFICATION Application UnDeployer for aam STARTS.
2006-09-07 13:45:58.906 NOTIFICATION Removing all web binding(s) for application aam from all web site(s)
2006-09-07 13:45:59.015 NOTIFICATION Application UnDeployer for aam COMPLETES.
06/09/07 13:45:59 WARNING: DeployerRunnable.run java.lang.InstantiationExceptionoracle.oc4j.admin.internal.DeployerException: java.lang.InstantiationException
at oracle.oc4j.admin.internal.DeployerBase.execute(DeployerBase.java:126)
at oracle.oc4j.admin.jmx.server.mbeans.deploy.OC4JDeployerRunnable.doRun(OC4JDeployerRunnable.java:52)
at oracle.oc4j.admin.jmx.server.mbeans.deploy.DeployerRunnable.run(DeployerRunnable.java:81)
at EDU.oswego.cs.dl.util.concurrent.PooledExecutor$Worker.run(PooledExecutor.java:814)
at java.lang.Thread.run(Thread.java:595)
Caused by: java.lang.InstantiationException
at com.evermind.server.ApplicationStateRunning.initDataSources(ApplicationStateRunning.java:1424)
at com.evermind.server.ApplicationStateRunning.initializeApplication(ApplicationStateRunning.java:195)
at com.evermind.server.Application.setConfig(Application.java:391)
at com.evermind.server.Application.setConfig(Application.java:308)
at com.evermind.server.ApplicationServer.addApplication(ApplicationServer.java:1771)
at oracle.oc4j.admin.internal.ApplicationDeployer.addApplication(ApplicationDeployer.java:507)
at oracle.oc4j.admin.internal.ApplicationDeployer.doDeploy(ApplicationDeployer.java:191)
at oracle.oc4j.admin.internal.DeployerBase.execute(DeployerBase.java:93)
... 4 more
2006-09-07 13:45:59.031 WARNING java.lang.InstantiationException

Custom JAAS Login Module 9.0.4 configuration problems

Hello,
We have created a custom JAAS Login Module on OC4J 9.0.4 and are having some sort of configuration problem
We always get this error:
Caused by: javax.security.auth.login.LoginException: Login Failure: all modules ignored
 at javax.security.auth.login.LoginContext.invoke(LoginContext.java:779)
 at javax.security.auth.login.LoginContext.access$000(LoginContext.java:129)
 at javax.security.auth.login.LoginContext$4.run(LoginContext.java:610)
 at java.security.AccessController.doPrivileged(Native Method)
 at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:607)
 at javax.security.auth.login.LoginContext.login(LoginContext.java:535)
The Login Module is configured for a specific deployed application in the global jazn-data.xml and is being run as I have attached a debugger to the app server.
Our authentication process succeeds and we return a "true" from the login() method. No exceptions are thrown from our Login Module.
our ORACLE_HOME/j2ee/home/config/jazn-data.xml has this added
<application>
<name>helloworld</name>
<login-modules>
<login-module>
<class>com.test.JaasLoginModule</class>
<control-flag>required</control-flag>
<options>
</options>
</login-module>
</login-modules>
</application>
The j2ee/home/application-deployments/helloworld/jazn-data.xml looks like this:
<?xml version="1.0" encoding="UTF-8" standalone='yes'?>
<!DOCTYPE jazn-data PUBLIC "JAZN-XML Data" "http://xmlns.oracle.com/ias/dtds/jazn-data.dtd">
<jazn-data />
and we added this into the j2ee/home/application-deployments/helloworld/orion-applicaton.xml
<jazn provider="XML" location="jazn-data.xml" >
<property name="role.mapping.dynamic" value="true"/>
<property name="custom.loginmodule.provider" value="true"/>
<property name="jaas.username.simple" value="true" />
</jazn>
Are we missing anything? Our code runs, it seems like there is something lacking in the configuration on the OC4J side of things.
Anyone know what we are missing?
Thanks....

Hi,
if you are on 9.0.4 then <property name="custom.loginmodule.provider" value="true"/> shouldn't work because its a parameter of 10.1.3
Frank

Can I get the resource in a JAAS login module?

G'day,
I am writing a custom JAAS login module for deplyment in Netweaver application server. I'd like to get information about the resource that is protected by that login module (specifically, the URL).
The HttpGetterCallback class does not provide this information. All I can get is the host name and port from the HTTP headers.
Is there any way to get the full URL of the resource within a login module?
-- Geoff

G'day,
Note also that I tried using the WebCallback class, which has a getRequest() method that returns a HttpServletRequest.
But this callback seems to be ignored by the callback handler used in Netweaver AS, as the getRequest() method returns null, even though the login module is used to protect a servlet.
[ As an aside, I passed a custom callback to the CallbackHandler supplied by Netweaver AS, and the callbackHandler.handle() method did not throw UnsupportedCallbackException, which seems to be in violation of the JAAS standard ]
So ... HttpGetterCallback does not return resource URL information, and WebCallback is apparently ignored by the callback handler (which should really throw an exception here).
Are there any other ways to get the URL of the resource in a Netweaver AS login module?

JAAS login module

Hello all, I'm having a problem with authentication. I hava a jaas Login Module that authenticates users against a db. After some work I could configure it and got it working. But, even my Login Module works fine, after validating an user I get the exception:
Caused by: com.sap.engine.services.security.exceptions.BaseLoginException: User not authorized.
at com.sap.engine.services.security.login.FastLoginContext.login(FastLoginContext.java:223)
at com.sap.engine.system.SystemLoginModule.login(SystemLoginModule.java:90)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:675)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:129)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:610)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:607)
at javax.security.auth.login.LoginContext.login(LoginContext.java:534)
at com.lumina.security.jaasrbac.SecurityFacade.authenticate(SecurityFacade.java:119)
... 51 more
Caused by: com.sap.engine.services.security.exceptions.BaseLoginException: User is locked.
at com.sap.engine.services.security.server.jaas.CheckAction.checkUserLockStatus(CheckAction.java:181)
at com.sap.engine.services.security.server.jaas.CheckAction.run(CheckAction.java:58)
at java.security.AccessController.doPrivileged(Native Method)
at com.sap.engine.services.security.server.jaas.LoginModuleHelperImpl.checkUserLockStatus(LoginModuleHelperImpl.java:116)
at com.sap.engine.services.security.login.FastLoginContext.login(FastLoginContext.java:175)
... 63 more
This happens after my login module is invoked and succeeds authenticating an user.
Is it really necessary to have a copy of the user data in the UME store?
Thanks,
Juan Manuel

Hi Bhavik,
You have to use the VisualAdministrator tool.
These are the steps I did (or I think I did):
    1) I created a library whith Developer Studio which contained the Login Module implementing class and its dependencies.
    2) Deployed it to J2EE engine
    3) Using Visual Administrator go to security provider (J2E/Server0/services)
    4) Click UserManagement tab
    5) Click Manage Security Stores button
    6) Click Add Login Module button
    7) Click Ok in the first dialog that appears
    8) Fill the required data in the add Login Module dialog (className of the Login Module implementation,disply name, description and options (if any, iex: debug=true)
    9) Click Ok
    10)Click policy Configurations tab
    11) Click add button (bottom of the component's panel)
    12) Enter the name for the new policy configuration (I think it must be the same name you use in your application code when you refer to the login module) and click ok
    13) Now, the new configuration appears in the components list. Click on it
    14) Click 'add new' button which is at the bottom of the authentication tab (right panel)
    15) Select the login module you created in 8) and click ok
    16) In the authentication tab appears the login module you have created. There you can the right flag you desire for your login module (optional, required, requisite,sufficient)
    17) Click the Properties tab next to Runtime tab
    18) Click on property LoginModuleClassLoaders
    19) Modify this property value to: library:libraryName (where libraryName is the name you deployed your login module library classes in step 2) )
    20) Restart J2EE engine
Regards,
Juan Manuel

JAAS Login Module Redirect to Iview

I am having some difficulty getting a redirect to an Iview to work in our custom JAAS Login Module. This code works in our current production environment, using Portal version EP6.0 SP2 Patch 35:
callbacks[0] = new com.sap.security.api.logon.WebCallback();
HttpServletResponse rsp = ((WebCallback) callbacks[0]).getResponse();
rsp.sendRedirect(this.changepasswordurl + this.username); //get url from property
But this nearly identical code is not working in our development environment, running NetWeaver:
WebCallback wcb = new WebCallback ();
this.callbackHandler.handle(new Callback [] {wcb});
HttpServletResponse rsp = wcb.getResponse();
myLoc.infoT("URL: " + this.changepasswordurl + this.username);
rsp.sendRedirect(this.changepasswordurl + this.username); //get url from property
When the rsp.sendRedirect statement is executed, I get a stack dump:
#1.5#00306EF4D7AD0048000000550000576000040C5F45EBE199#1139503241315#com.nike.portal.auth.PortalLoginModule#sap.com/irj#com.nike.portal.auth.PortalLoginModule#Guest#192####cd56b800998a11da8f7300306ef4d7ad#SAPEngine_Application_Thread[impl:3]_9##0#0#Info##Plain###URL: https://dev.XXXXX.com/irj/servlet/prt/portal/prtroot/pcd!3aportal_content!2fnikeconnect!2fiviews!2fcommon!2fMyInfo!2f1-com-nike-iv_b2s-change-password?userid=ncportal02@yahoo.com#on!2fMyInfo!2f1-com-nike-iv_b2s-change-password?userid=ncportal02@yahoo.com#
#1.5#00306EF4D7AD0048000000570000576000040C5F45EC2971#1139503241326#com.sap.engine.services.security#sap.com/irj#com.sap.engine.services.security#Guest#192####cd56b800998a11da8f7300306ef4d7ad#SAPEngine_Application_Thread[impl:3]_9##0#0#Error##Java###Error in some of the login modules.
[EXCEPTION]
#1#com.sap.engine.services.security.exceptions.BaseLoginException: Error in some of the login modules.
        at com.sap.engine.services.security.login.ModulesProcessAction.run(ModulesProcessAction.java:149)
        at java.security.AccessController.doPrivileged(Native Method)
        at com.sap.engine.services.security.login.FastLoginContext.login(FastLoginContext.java:153)
        at com.sap.engine.system.SystemLoginModule.login(SystemLoginModule.java:90)
        at sun.reflect.GeneratedMethodAccessor260.invoke(Unknown Source)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:324)
When I cut the exact URL being redirected to from the trace log and paste it into a browser, it goes to the page just fine.
Can anyone suggest a different method of performing a redirect from withing my JAAS Login Module in NetWeaver? I'm thinking maybe I'm not getting the response object properly - any ideas?
Thank you...
Dave

Thanks for the pointers. We were able to get an SAP developer to take a look at this and he coded up this solution, which takes what you suggested and filled in all the blanks. I am baffled as to how I would have figured this out on my own (like the RESPONSE_CODE value of 302), given the limited documentation around the HttpCallback. We haven't had the opportunity to try this yet - I'll respond with a new post either way to let you know. Anyway, here's the code snippet for how to perform a redirect:
In the custom JAAS Login Module:
setRedirect(callbackHandler, this.changepasswordurl);
This is the setRedirect method:
private void setRedirect(CallbackHandler ch, String redirectURL)
      throws IOException, UnsupportedCallbackException
    HttpSetterCallback setRCodeCB = new HttpSetterCallback();
    setRCodeCB.setType(HttpCallback.RESPONSE_CODE);
    setRCodeCB.setName("Moved Temporarily");
    setRCodeCB.setValue("302");
    HttpSetterCallback setRedirCB = new HttpSetterCallback();
    setRedirCB.setType(HttpCallback.HEADER);
    setRedirCB.setName("Location");
    setRedirCB.setValue(redirectURL);
    Callback[] cbSetter = new Callback[2];
    cbSetter[0] = setRCodeCB;
    cbSetter[1] = setRedirCB;
    ch.handle(cbSetter);

Retrieving JDBC connection from datasource in JAAS login module

Hi,
I have a custom JAAS login module which calls a DAO for accessing user login details. The DAO looks up the datasource to retrieve connections from when the LoginModule is initialized. The datasource is simply defined through the admin interface. When a user tries to login (through the web container) an exception is thrown as shown below:
com.sun.enterprise.InvocationException
     at com.sun.enterprise.resource.PoolManagerImpl.getResource(PoolManagerImpl.java:134)
     at com.sun.enterprise.resource.JdbcDataSource.internalGetConnection(JdbcDataSource.java:241)
     at com.sun.enterprise.resource.JdbcDataSource.getConnection(JdbcDataSource.java:154)
     at com.dmdsecure.mobile.security.store.impl.JDBCUserStore.fetchUser(JDBCUserStore.java:330)
     at com.dmdsecure.mobile.security.impl.LocalUserManager.authenticate(LocalUserManager.java:70)
     at com.dmdsecure.mobile.security.adapter.sunone.DMDLoginModule.authenticate(DMDLoginModule.java:66)
     at com.dmdsecure.mobile.security.adapter.sunone.DMDLoginModule.authenticate(DMDLoginModule.java:38)
     at com.iplanet.ias.security.auth.login.PasswordLoginModule.login(PasswordLoginModule.java:163)
     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
     at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
     at java.lang.reflect.Method.invoke(Method.java:324)
     at javax.security.auth.login.LoginContext.invoke(LoginContext.java:675)
     at javax.security.auth.login.LoginContext.access$000(LoginContext.java:129)
     at javax.security.auth.login.LoginContext$4.run(LoginContext.java:610)
     at java.security.AccessController.doPrivileged(Native Method)
     at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:607)
     at javax.security.auth.login.LoginContext.login(LoginContext.java:534)
     at com.sun.enterprise.security.auth.LoginContextDriver.doPasswordLogin(LoginContextDriver.java:382)
     at com.sun.enterprise.security.auth.LoginContextDriver.login(LoginContextDriver.java:307)
     at com.sun.enterprise.security.auth.LoginContextDriver.login(LoginContextDriver.java:116)
     at com.sun.web.security.RealmAdapter.authenticate(RealmAdapter.java:201)
     at com.sun.web.security.RealmAdapter.authenticate(RealmAdapter.java:140)
     at org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:263)
     at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:492)
     at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:496)
     at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:203)
     at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:505)
     at com.iplanet.ias.web.connector.nsapi.NSAPIProcessor.process(NSAPIProcessor.java:157)
     at com.iplanet.ias.web.WebContainer.service(WebContainer.java:598)
It seems the datasource is valid but trying to retrieve connections from it will fail.
Anyone had any similar problems??

Nope, sorry ... I am also having other troubles with JNDI lookups, this time from within the init method of a filter ... Seems there may still be some issues here for Sun to iron out ...
-Johan

Reading an env. variable in JAAS login module

Hi All,
I have a JAAS login module wherein I want to add a static block to read certain properties from a file. Is there any property within WAS 6.40 wherein I can set the file path and read it using System.getProperty in my JAAS login module?
I do not want to use the options method. Any other way to approach this problem will be helpful.
regards,
Vishal

Thanks Wenton,
That worked
BTW I only added the JVM property to the server sub-node under the instance node. That solved the issue.
regards,
Vishal

Use of portal service in JAAS Login Module

Is it possible to use an portal service in an JAAS Login Module?
I've tried to use the IUserMappingService and always run in an Null Pointer Exception.
All needed Used DC references are set and the build and the deployment of the
login module is possible without any errors.
Best regards,
Thomas

I've debuged my JAAS login modul.
The following objects are in accessable over my context object
{broker=broker, com.sap.portal.pcm.collaborative.ipartstemplates={}, UME=UME, com.sap.workflow.es.portal.IKMCRoomService=com.sap.workflow.es.room.KMCRoomHelper@44c944c9, comp.sap.portal.fpn.marshallersrepository={com.sapportals.portal.workset=com.sap.portal.fpn.marshal.WorksetMarshaller@7cf07cf0, com.sapportals.portal.rolefolder=com.sap.portal.fpn.marshal.RoleFolderMarshaller@489b489b, com.sapportals.portal.operationmodifier=com.sap.portal.unification.semanticlayer.marshalling.OperationModifierMarshaller@1a1b1a1b, com.sapportals.portal.businessobject=com.sap.portal.unification.semanticlayer.marshalling.BusinessObjectMarshaller@1fc71fc7, com.sapportals.portal.layout=com.sap.portal.fpn.marshal.LayoutMarshaller@454f454f, com.sapportals.portal.role=com.sap.portal.fpn.marshal.RoleMarshaller@590e590e, com.sap.portal.obn.semanticlayer.businessobject.BusinessObject=com.sap.portal.unification.semanticlayer.marshalling.BusinessObjectNYMarshaller@68af68af, com.sap.portal.obn.semanticlayer.operation.IOperation=com.sap.portal.unification.semanticlayer.marshalling.OperationNYMarshaller@4f4a4f4a, com.sap.portal.pcm.admin.PlainFolderConverter=com.sap.portal.fpn.marshal.FolderMarshaller@284a284a, com.sapportals.portal.iview=com.sap.portal.fpn.marshal.IViewMarshaller@7ba37ba3, com.sapportals.portal.page=com.sap.portal.fpn.marshal.PageMarshaller@a100a10, com.sapportals.portal.operation=com.sap.portal.unification.semanticlayer.marshalling.OperationMarshaller@ece0ece}, WP=com.sapportals.portal.prt.core.resource.MultiPropertiesResource@3b213b21, ContentCatalog=ContentCatalog, Navigation=Navigation, PCD=PCD, com.sap.portal.obn=com.sap.portal.obn, com.sap.portal.usermanagement.usermanagement=com.sapportals.portal.prt.service.usermanagement.UserManagementService@60cc60cc, ProductionMode=true, AdHocWorkflowConnector=com.sap.workflow.es.portal.WFEWorkitemProvider@30d630d6, com.sap.ip.bi=com.sap.ip.bi, com.sapportals.portal.pcm.registeredServies=com.sapportals.portal.pcm.registeredServies, UniversalWorklistService=com.sap.netweaver.bc.uwl.core.portal.UWLPortalService@57e957e9, com.sap.portal.appintegrator=com.sap.portal.appintegrator, rtmf_messaging=com.sap.ip.collaboration.core.api.rtmf.core.RTMFMessaging@41af41af, com.sap.workflow.es.portal.IKMNotificationService=com.sap.workflow.es.portal.KMNotificationService@1daa1daa, com.sap.portal.pcm.collaborative.pagestemplates={}, runtime=runtime, Authenticator=com.sapportals.portal.prt.service.authenticationservice.AuthenticationService@756f756f, com.sap.workflow.es.portal.IKMAttachmentService=com.sap.workflow.es.portal.KMAttachmentService@9750975, unification=unification}
The IUserMappingService is missing. Any ideas?
Best regards,
Thomas

Accessing LDAP in a custom JAAS login module

Hi,
I have developed a custom jaas login module in CE 7.1. I created a java dc which contains a class extending AbstractLoginModule. This DC is deployed on to the server using an EAR DC. I am trying to access LDAP in the custom login module. I am trying to establish an SSL connection to LDAP. For this purpose i have created a custom socket factory class which extends SSLSocketFactory. I used the code below to establish the connection.
 Hashtable<String,String> env=new Hashtable<String,String>();
 DirContext dirContext=null;
 env.put(Context.INITIAL_CONTEXT_FACTORY,"com.sun.jndi.ldap.LdapCtxFactory");
 env.put(Context.PROVIDER_URL,ldapURL);
 env.put(Context.SECURITY_PROTOCOL,"ssl");
 env.put("java.naming.ldap.factory.socket", "com.test.ldap.MySSLSocketFactory");
 dirContext=new InitialDirContext(env);
MySSLSocketFactory is the name of custom socket factory.
During a login process, the above code results in error because the connection to LDAP server could not be established. However the same code when executed in a webdynpro DC is working without any problem. What could be the reason for this?
This is the error i could see in defaultTrace
javax.naming.CommunicationException: js24.na.domain.net:636 [Root exception is java.lang.ClassNotFoundException: com.test.ldap.MySSLSocketFactory
Loader Info -
ClassLoader name: [service:security]
Living status: alive
Direct parent loaders:
 [system:Frame]
 [library:j2eeca]
 [service:timeout]
 [service:com.sap.security.core.ume.service]
 [service:adminadapter]
Resources:
 /usr/sap/SV3/J10/j2ee/cluster/bin/services/security/lib/private/sap.comtcjesecurityimpl.jar
at com.sun.jndi.ldap.Connection.<init>(Connection.java:205)
at com.sun.jndi.ldap.LdapClient.<init>(LdapClient.java:118)
at com.sun.jndi.ldap.LdapClient.getInstance(LdapClient.java:1579)
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2681)
at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:299)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:193)
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:136)
at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:66)
at com.sap.engine.system.naming.provider.DefaultInitialContext._getDefaultInitCtxt(DefaultInitialContext.java:64)
at com.sap.engine.system.naming.provider.DefaultInitialContext.<init>(DefaultInitialContext.java:45)
at com.sap.engine.system.naming.provider.DefaultInitialContextFactory.getInitialContext(DefaultInitialContextFactory.java:41)
at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667)
at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:247)
at javax.naming.InitialContext.init(InitialContext.java:223)
at javax.naming.InitialContext.<init>(InitialContext.java:197)
at javax.naming.directory.InitialDirContext.<init>(InitialDirContext.java:82)

Hi,
I used an EJB to perform the LDAP search and called the EJB from the login module. It is working as expected.
Regards,
Shabeer

How to deploy and configure custom JAAS login module

Dear Experts,
I have created a custom jaas login module, In my .jar I am having
1. MyLoginModule.class
2. Handler.class
3. MyPrincipal.class
I want to know how to deploy the custom jaas module to oc4j. And make available to all
other application to use the same for authentication & authorization. Please suggest me.
Thanks,
Rajesh A

This article does not mention that you can put the <jazn-loginconfig> tag into the orion-application.xml as well.
Much easier to deploy and test.
--olaf

How to create Jaas Login module !! Urgent

Hi developers
I want to make some changes in logon messages. Right now we are getting only error user authentication failed on the portal even if user is locked or some other reason is there for failed authentiaction. I want proper message should be displaying based on user input. For it I hope its good to create Jaas logon module so that i can modify it accordingly .
kindly if any one can give me way out , its urgent.
how to create it step by step. it would be highly appriciable.
any inputs are appriciated .
Thanks in advance
Abhay

Hi Abhay,
1.) Every question is "urgent"... Please read https://www.sdn.sap.com/irj/sdn/wiki?path=/display/home/rulesofEngagement - section "Use a Good Subject Line"
2.) For JAAS Login Modules examples, see https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/4d65ed90-0201-0010-3aba-9209836e8242
Hope it helps
Detlev

Looking for example: JAAS login module using ADF BC

Hello all,
I have seen the article at http://www.oracle.com/technology/products/jdev/howtos/10g/jaassec/index.htm by Frank and Duncan detailing how to put together a login module that uses the database for authentication. Great idea. I would like to take it to the next level and use an ADF BC View Object to do the authentication and role assignment for users, but am stuck on a few points. First of all, is there anyone out there who has done this and would care to share? If not:
1). How do I get a reference to the AM so that I can look up a view object in the login module?
2). I assume that I am going to need to add my model project classes to the system classpath, correct?
3). What are the other gotchas?
4). Or should this be the first question, is this even possible?

Hi John,
I am trying to find a relevant example on JAAS login module with ADF BC,
i have this application that is ready to go in production deployed on a test application server
everything seems to work fine but it is totally deprived of security :o(
i have sent post to get some information i read most of it i even came across your blog on the matter
i am sort of understanding the things needed to do but i would need a working example to get a better grasp on the this subject. I need i think to built a custom login module but i dont know what exactly can be coded inside the jar file that is read from the application and that forces the authentification so if you could help in my research for an example you OR anyONE
it would be appreciated
Carl

Initialize method in JAAS login module

Similar Messages

Maybe you are looking for