JAAS login without a password

Similar Messages

• I recently inherited a macbook pro when my good friend passed away. the screen is password locked. is there any way around the login without knowing the password???

  How can I get past the password locked login without the password

  The first thing you should do with a second-hand computer is to erase the internal drive and install a clean copy of OS X. You — not the previous owner — must do that. How you do it depends on the model, and on whether you already own another Mac. If you're not sure of the model, enter the serial number on this page. Then find the model on this page to see what OS version was originally installed.
  1. You don't own another Mac.
  If the machine shipped with OS X 10.4 or 10.5, you need a boxed and shrink-wrapped retail Snow Leopard (OS X 10.6) installation disc, which you can get from the Apple Store or a reputable reseller — not from eBay or anything of the kind. If the machine has less than 1 GB of memory, you'll need to add more in order to install 10.6. I suggest you install as much memory as it can take, according to the technical specifications.
  If the machine shipped with OS X 10.6, you need the installation media that came with it: gray installation discs, or a USB flash drive for some MacBook Air models. For early MBA models, you may need a USB optical drive or Remote Disc. You should have received the media from the previous owner, but if you didn't, order replacements from Apple. A retail disc, or the gray discs from another model, will not work.
  To boot from an optical disc or a flash drive, insert it, then reboot and hold down the C key at the startup chime. Release the key when you see the gray Apple logo on the screen.
  If the machine shipped with OS X 10.7 or later, you don't need media. It should boot into Internet Recovery mode when you hold down the key combination option-command-R at the startup chime. Release the keys when you see a spinning globe.
  2. You do own another Mac.
  If you already own another Mac that was upgraded in the App Store to the version of OS X that you want to install, and if the new Mac is compatible with it, then you can install it. Use Recovery Disk Assistant to create a bootable USB device and boot the new Mac from it by holding down the C key at the startup chime. You will need the Apple ID and password that you used to upgrade. Note that if your other Mac was never upgraded in the App Store, you can't use this method.
  Once booted from the disc, the USB device, or Internet Recovery, launch Disk Utility and select the icon of the internal drive — not any of the volume icons nested beneath it. In the Partition tab, select the default options: a GUID partition table with one data volume in Mac OS Extended (Journaled) format. This operation will permanently remove all existing data on the drive, which is what you should do.
  After partitioning, quit Disk Utility and run the OS X Installer. When the installation is done, the system will automatically reboot into the Setup Assistant, which will prompt you to transfer the data from another Mac, its backups, or from a Windows computer. If you have any data to transfer, this is usually the best time to do it.
  You should then run Software Update and install all available system updates from Apple. If you want to upgrade to a major version of OS X newer than 10.6, get it from the Mac App Store. Note that you can't keep an upgraded version that was installed by the previous owner. He or she can't legally transfer it to you, and without the Apple ID you won't be able to update it in Software Update or reinstall, if that becomes necessary. The same goes for any App Store products that the previous owner installed — you have to repurchase them.
  If the previous owner "accepted" the bundled iLife applications (iPhoto, iMovie, and Garage Band) in the App Store so that he or she could update them, then they're linked to that Apple ID and you won't be able to download them without buying them. Reportedly, Apple customer service has sometimes issued redemption codes for these apps to second owners who asked.
  If the previous owner didn't deauthorize the computer in the iTunes Store under his Apple ID, you wont be able to  authorize it under your ID. In that case, contact iTunes Support.

• Login/keychain bug: Login as admin without a password.

  I just stumbled upon this bug. I have two user accounts on my iMac (OS 10.6.1) one password protected admin account and one user account without a password. If I go to the login window and click on the user account and immediately follow up with clicking on my admin account, then it will log me in as my admin account without asking for a password. If the admin account is not logged in a box will appear and ask my if I want to update my keychain or continue to login.
  I guess this wont be a problem if you just use a password on all your account.

  Nope. How was it changed? Your only option, IMHO, is to boot with your install disk and reset it. Once it's reset, login to and change it back.

• Configure JAAS login module stack to support x.509 certificates without SSL

  I want to use x.509 certificates for authentication against a EP 7.0 but I don’t want to have SSL traffic on the network segment where the portal resides. Obviously the SSL must be terminated in an application gateway that sends the certificate to the portal in the header.
  I know that AcceptClientCertWithoutSSL must be set to true in the http provider and that ClientCertificateHeaderName is the name of the header variable that contains the user’s certificate, default is SSL_CLIENT_CERT.
  What I don’t know is how to configure my JAAS login module stack, my suggestion would be this:
  EvaluateTicketLoginModule SUFFICIENT {ume.configuration.active=true}
  ClientCertLoginModule OPTIONAL {Rule1.getUserFrom=SSL_CLIENT_CERT}
  CreateTicketLoginModule SUFFICIENT {ume.configuration.active=true}
  BasicPasswordLoginModule REQUISITE {}
  CertPersisterLoginModule OPTIONAL {Rule1.getUserFrom=SSL_CLIENT_CERT}
  CreateTicketLoginModule SUFFICIENT {ume.configuration.active=true}
  My concern is does the ClientCertLoginModule and the CertPersisterLoginModule read from the header variable? If they don’t, is there another login module that should be used in this case?

  Hi Claus,
  you got the flags right but the options of the login modules (LM) are wrong, so the certificate authentication won't work.
  There's two problems I see: (1) Rule1.getUserFrom is not a valid option for the LM CertPersisterLoginModule, and (2) SSL_CLIENT_CERT is not a valid value for the option Rule1.getUserFrom of the ClientCertLoginModule.
  Looking at this topic:
  http://help.sap.com/saphelp_nw2004s/helpdata/en/ea/301e3e6217b40be10000000a114084/content.htm
  the header variable used to pass the certificate is maintained in the HTTP provider service properties but since you use the default you don't need to maintain that part of the config. You also don't need the CertPersisterLoginModule in the config because it is used for automatic certificate mapping, which doesn't work when you don't have SSL to the portal.
  So with the above said your LM stack config should look like this:
  EvaluateTicketLoginModule SUFFICIENT {ume.configuration.active=true}
  ClientCertLoginModule OPTIONAL {Rule1.getUserFrom=wholeCert}
  CreateTicketLoginModule SUFFICIENT {ume.configuration.active=true}
  BasicPasswordLoginModule REQUISITE {}
  CreateTicketLoginModule SUFFICIENT {ume.configuration.active=true}
  If this doesn't work I'd suggest opening a support ticket.
  Regards,
  Yonko

• Why when i go to login to facebook my e-mail address and passwork are up there already. Anyone can go on my facebook that uses my computer without a password

  on my desktop I go into Mozilla Firefox and then go to my bookmarks, I go facebook login and my login information and password is already there. I take the keep me logged in off and everything still comes up. other people who use my computer can put whatever they want on my facebook .

  Probably you have allowed it to set persistent cookies. If you want to have to log in every time, block the cookies for that hostname, or limit it to session only.

• Bypass JAAS Login Module

  Hello together,
  we need to build a new call from oracle Forms to new JSP PAGE ( made in ADF).
  That means, we create a new HTTP Request from Forms and read the Request Parameters, such username and password in the called JSP Page.
  We are using JAAS Authorization which works fine, but her comes the Problem:
  We would like to use the request parameters to authorize in JAAS automatically without any Login Screen (Login Module)
  Is there any Solution.
  Regards
  Arni

  Hi Frank,
  so there is no Chance to bypass the login Screen ?

• Opinions on implementing a JAAS login module to achieve SSO

  We are looking at implementing SSO from a sharepoint website to the portal.  The users who are accessing the Sharepoint site are using their own computers and are not members of the AD Domain, so they could theoretically be using any computer in the world to access Sharepoint.
  the desired user experience looks something like this.
  user--login> sharepoint site -no login--
  >portal
  One of the methods we are looking at to achieve this is to implement a custom JAAS login module that would authenticate the user if they are coming from the Sharepoint site.
  I would like to get your opinions on how viable you think this method is.  One of the goals of this method is ease of implementation, so if you can think of an easier way to implement this please let us know.
  the method is basically this.
  1. User logs into sharepoint using their AD username and password and establish an active session with sharepoint
  2. user navigates to a link in sharepoint that points to a resource in the SAP Portal
  3. we don't want the user to have to login to access the resource when they click on the link
  4. to facilitate this, sharepoint has constructed the link in the following way
  5. the link is an https link
  6. the link has two additional parameters in addition to whatever is necessary to navigate to the resource
  7. the parameters are
  8. un = the users AD username
  9. uh = sha1("secret_password_known_to_both_the_login_module_and_sharepoint" + "username")
  10. the user clicks the link and is directed to the SAP portal
  11. the sap portal has a custom JAAS login module which performs it's checks before the other login modules
  12. the custom module computes ( sha1("secret_password_known_to_both_the_login_module_and_sharepoint" + un)) and then compares the result with uh, if they are equal, the custom login module authenticates the user bypassing any further need for authentication, otherwise authentication passes to the original authentication modules as normal.
  If you think there is an easier way, please let us know.  We are essentially looking for the easiest/fastest way to implement this functionality that is still secure.

  Hey Gary,
    I'm currently using Apache running on RedHat that leverage Apache's mod_rewrite module. I've got a bank of 6 reverse proxies sitting in front of an SAP Portal and each proxy runs on a host with dual 3.33GHz processors and 8Gb or RAM. I know... they're waaay over-sized and they pretty much snooze all day.
    This is the sole entry point for all SAP users and we sized them to accommodate the "worst case" of about 5000 (potential) named users, concurrently. Realistically, we've only ever had about 1500 unique users hitting the systems in a day (following an upgrade go-live, everybody is curious and wants to log on) and a typical load of about 500 to 750 users in a day.
    Never had a real performance problem to speak of. As long as the proxies are tuned properly (ssl cache, sessions, etc.), you should be fine.
    Setting header variables and some other "custom stuff" is handled in Perl (need Apache's mod_perl active). We've got a script that's called by all users before being passed to the Portal.
    We used IISProxy.dll with an IIS web server a long time ago (5 years maybe?) but opted to can it in favor of the approach described above.
    If you ask SAP, they'll recommend you use a WebDispatcher... and that's certainly an option as well.
  -Kevin

• Use of portal service in JAAS Login Module

  Is it possible to use an portal service in an JAAS Login Module?
  I've tried to use the IUserMappingService and always run in an Null Pointer Exception.
  All needed Used DC references are set and the build and the deployment of the
  login module is possible without any errors.
  Best regards,
  Thomas

  I've debuged my JAAS login modul.
  The following objects are in accessable over my context object
  {broker=broker, com.sap.portal.pcm.collaborative.ipartstemplates={}, UME=UME, com.sap.workflow.es.portal.IKMCRoomService=com.sap.workflow.es.room.KMCRoomHelper@44c944c9, comp.sap.portal.fpn.marshallersrepository={com.sapportals.portal.workset=com.sap.portal.fpn.marshal.WorksetMarshaller@7cf07cf0, com.sapportals.portal.rolefolder=com.sap.portal.fpn.marshal.RoleFolderMarshaller@489b489b, com.sapportals.portal.operationmodifier=com.sap.portal.unification.semanticlayer.marshalling.OperationModifierMarshaller@1a1b1a1b, com.sapportals.portal.businessobject=com.sap.portal.unification.semanticlayer.marshalling.BusinessObjectMarshaller@1fc71fc7, com.sapportals.portal.layout=com.sap.portal.fpn.marshal.LayoutMarshaller@454f454f, com.sapportals.portal.role=com.sap.portal.fpn.marshal.RoleMarshaller@590e590e, com.sap.portal.obn.semanticlayer.businessobject.BusinessObject=com.sap.portal.unification.semanticlayer.marshalling.BusinessObjectNYMarshaller@68af68af, com.sap.portal.obn.semanticlayer.operation.IOperation=com.sap.portal.unification.semanticlayer.marshalling.OperationNYMarshaller@4f4a4f4a, com.sap.portal.pcm.admin.PlainFolderConverter=com.sap.portal.fpn.marshal.FolderMarshaller@284a284a, com.sapportals.portal.iview=com.sap.portal.fpn.marshal.IViewMarshaller@7ba37ba3, com.sapportals.portal.page=com.sap.portal.fpn.marshal.PageMarshaller@a100a10, com.sapportals.portal.operation=com.sap.portal.unification.semanticlayer.marshalling.OperationMarshaller@ece0ece}, WP=com.sapportals.portal.prt.core.resource.MultiPropertiesResource@3b213b21, ContentCatalog=ContentCatalog, Navigation=Navigation, PCD=PCD, com.sap.portal.obn=com.sap.portal.obn, com.sap.portal.usermanagement.usermanagement=com.sapportals.portal.prt.service.usermanagement.UserManagementService@60cc60cc, ProductionMode=true, AdHocWorkflowConnector=com.sap.workflow.es.portal.WFEWorkitemProvider@30d630d6, com.sap.ip.bi=com.sap.ip.bi, com.sapportals.portal.pcm.registeredServies=com.sapportals.portal.pcm.registeredServies, UniversalWorklistService=com.sap.netweaver.bc.uwl.core.portal.UWLPortalService@57e957e9, com.sap.portal.appintegrator=com.sap.portal.appintegrator, rtmf_messaging=com.sap.ip.collaboration.core.api.rtmf.core.RTMFMessaging@41af41af, com.sap.workflow.es.portal.IKMNotificationService=com.sap.workflow.es.portal.KMNotificationService@1daa1daa, com.sap.portal.pcm.collaborative.pagestemplates={}, runtime=runtime, Authenticator=com.sapportals.portal.prt.service.authenticationservice.AuthenticationService@756f756f, com.sap.workflow.es.portal.IKMAttachmentService=com.sap.workflow.es.portal.KMAttachmentService@9750975, unification=unification}
  The IUserMappingService is missing.  Any ideas?
  Best regards,
  Thomas

• Login with encrypted password doesn't work

  Hi, simple problem:
  in login settings with encrypted password option on
  The login doesn't work => Error:"AFTER.Trigger_Login_CheckLogin*"
  (tested with a user that has an encrypted password)
  without encrypted password
  The login works
  (tested with a user that has a clean password)
  Where I wrong?
  Thanks
  Gabriele

  Hi Gabriele,
  how many varchars did you define for the column that´s holding the encrypted passwords ? It has to be at least 32 chars due to the MD5 encryption, if it´s lesser than that, the passwords will get truncated.
  Cheers,
  Günter Schenk
  Adobe Community Expert, Dreamweaver

• Accessing LDAP in a custom JAAS login module

  Hi,
  I have developed a custom jaas login module in CE 7.1. I created a java dc which contains a class extending AbstractLoginModule. This DC is deployed on to the server using an EAR DC. I am trying to access LDAP in the custom login module. I am trying to establish an SSL connection to LDAP. For this purpose i have created a custom socket factory class which extends SSLSocketFactory. I used the code below to establish the connection.
            Hashtable<String,String> env=new Hashtable<String,String>();
            DirContext dirContext=null;
            env.put(Context.INITIAL_CONTEXT_FACTORY,"com.sun.jndi.ldap.LdapCtxFactory");
            env.put(Context.PROVIDER_URL,ldapURL);
                  env.put(Context.SECURITY_PROTOCOL,"ssl");
                  env.put("java.naming.ldap.factory.socket", "com.test.ldap.MySSLSocketFactory");
                  dirContext=new InitialDirContext(env);
  MySSLSocketFactory is the name of custom socket factory.
  During a login process, the above code results in error because the connection to LDAP server could not be established. However the same code when executed in a webdynpro DC is working without any problem. What could be the reason for this?
  This is the error i could see in defaultTrace
  javax.naming.CommunicationException: js24.na.domain.net:636 [Root exception is java.lang.ClassNotFoundException: com.test.ldap.MySSLSocketFactory
  Loader Info -
  ClassLoader name: [service:security]
  Living status: alive
  Direct parent loaders:
     [system:Frame]
     [library:j2eeca]
     [service:timeout]
     [service:com.sap.security.core.ume.service]
     [service:adminadapter]
  Resources:
     /usr/sap/SV3/J10/j2ee/cluster/bin/services/security/lib/private/sap.comtcjesecurityimpl.jar
  at com.sun.jndi.ldap.Connection.<init>(Connection.java:205)
  at com.sun.jndi.ldap.LdapClient.<init>(LdapClient.java:118)
  at com.sun.jndi.ldap.LdapClient.getInstance(LdapClient.java:1579)
  at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2681)
  at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:299)
  at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175)
  at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:193)
  at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:136)
  at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:66)
  at com.sap.engine.system.naming.provider.DefaultInitialContext._getDefaultInitCtxt(DefaultInitialContext.java:64)
  at com.sap.engine.system.naming.provider.DefaultInitialContext.<init>(DefaultInitialContext.java:45)
  at com.sap.engine.system.naming.provider.DefaultInitialContextFactory.getInitialContext(DefaultInitialContextFactory.java:41)
  at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667)
  at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:247)
  at javax.naming.InitialContext.init(InitialContext.java:223)
  at javax.naming.InitialContext.<init>(InitialContext.java:197)
  at javax.naming.directory.InitialDirContext.<init>(InitialDirContext.java:82)

  Hi,
  I used an EJB to perform the LDAP search and called the EJB from the login module. It is working as expected.
  Regards,
  Shabeer

• Config Tool - Login name and password

  Hi,
  When I Launch the Config tool, it normally connect to the database directly without prompting for login name and password. Where does it get login information from and where does it store these information.
  Your help is greatly appreciated.
  Vince

  It always runs on the local machine where you Java stack is installed and connects to the default database schema (Java). You can look at the config.properties file under C:\usr\sap\J2E\JC00\j2ee\configtool for details
  Regards
  Abdul

• Urgent: JAAS Login Module Deployment Problem

  Hi,
  I have developed a JAAS Login module for the portal (EP6 SP9 sneak preview) and i am getting the following error:
  GroupAssignmentLoginModuleLibrary does not exist in LoadContextWrapper.modifyName.
  com.sap.engine.services.security.exceptions.BaseSecurityException: Can not load a login Module
  The next line is a ClassNotFoundException for the Login Module and the class found in negative cache.
  Please let me know if you know the solution to this problem.
  It is an urgent issue and a solution will be suitably rewarded.
  Regards,
  Vibhu

  Hi Diego,
  Scenario 1: SAP EP to SAP Backend Integration
        In this scenario the most commonly used strategy
        is SAP logon tickets. As far as I know this is the
        best and simple way to implement SSO.
  Scenario 2: SAP EP to Non SAP systems.
        In this scenario various mechanisms can be used.
        It depends on the application you are integrating
        with. SAP does deliver SSO soultions with Lotus
        Notes and Outlook etc. If supported probably it is
        simple to use the SAP solution [Reliability and
        Support].
  Scenario 3: Enterprise Uses third party authetication
        Software.
        For the authntication if the company chooses to use
        some third party product like SiteMinder etc, then
        you can simply use this solution for SAP EP authe-
        tication, and also all your other enterprise
        applications based on the product support. But SAP
        EP to other SAP systems be best integrated with SAP
        logon tickets.
  Scenario 4: SSO using homegrown authetication or some
        third party JAAS module.
        If you have significant applications that are home
        grown that uses some custom authentication mecha-
        nism (Example: Authentication based on ID and
        Password stored in company database ) you can write
        a JAAS module extention to authenticate using that
        database. In other words JAAS is flexible and
        for using external authentication mechanisms.
  There are several mechanisms available that all depends
  on your internal applications/security mechanism/integration etc.
  Here is the link to one of the good articles on SDN about the SAP supported SSO mechanisms.
  https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/com.sap.km.cm.docs/library/uuid/58094632-0301-0010-a391-fc0de26f010e
  Hope this information is useful.
  -Venkat Malempati

• Create new JAAS login module & have to deploy in OC4J

  Dear Experts,
  Is it possible to create number of user roles under the group oc4jadmin. Then have to assign task for each user in group. please suggest me.
  Thanks,
  Rajesh
  Edited by: Rajesh A on Mar 12, 2009 10:15 AM
  Edited by: Rajesh A on Mar 12, 2009 6:48 PM

  h5. James,Anirudh
  Is it possible to define new JAAS module that would first check with Oracle DB & then check with LDAP directory. Actually my requirement was to authenticate user with the help of backends. Here backend denotes both Oracle DB & LDAP. In the sense when user enters valid id & password it checks for existence in DB & if exist DB returns a new value (role) then have to check new value with LDAP( what are the privileges available for specified role & who is the superior for the same). The details maintaining in LDAP are dynamic so we cant able to move into DB. Every process involving here is automatic in the sense no external server connection should provide for authentication. The custom login module should be deploy in same OC4J container. Always available as service. I want to know about the following
  1) How to define costom JAAS login module
  2) How to configure coutom JAAS login module over OC4J
  3) How to make use of it
  Thanks,
  Rajesh

• JAAS Login Module Redirect to Iview

  I am having some difficulty getting a redirect to an Iview to work in our custom JAAS Login Module.  This code works in our current production environment, using Portal version EP6.0 SP2 Patch 35:
  callbacks[0] = new com.sap.security.api.logon.WebCallback();
  HttpServletResponse rsp = ((WebCallback) callbacks[0]).getResponse();
  rsp.sendRedirect(this.changepasswordurl + this.username);  //get url from property
  But this nearly identical code is not working in our development environment, running NetWeaver:
  WebCallback wcb = new WebCallback ();
  this.callbackHandler.handle(new Callback [] {wcb});
  HttpServletResponse rsp = wcb.getResponse();
  myLoc.infoT("URL: " + this.changepasswordurl + this.username);
  rsp.sendRedirect(this.changepasswordurl + this.username); //get url from property
  When the rsp.sendRedirect statement is executed, I get a stack dump:
  #1.5#00306EF4D7AD0048000000550000576000040C5F45EBE199#1139503241315#com.nike.portal.auth.PortalLoginModule#sap.com/irj#com.nike.portal.auth.PortalLoginModule#Guest#192####cd56b800998a11da8f7300306ef4d7ad#SAPEngine_Application_Thread[impl:3]_9##0#0#Info##Plain###URL: https://dev.XXXXX.com/irj/servlet/prt/portal/prtroot/pcd!3aportal_content!2fnikeconnect!2fiviews!2fcommon!2fMyInfo!2f1-com-nike-iv_b2s-change-password?userid=ncportal02@yahoo.com#on!2fMyInfo!2f1-com-nike-iv_b2s-change-password?userid=ncportal02@yahoo.com#
  #1.5#00306EF4D7AD0048000000570000576000040C5F45EC2971#1139503241326#com.sap.engine.services.security#sap.com/irj#com.sap.engine.services.security#Guest#192####cd56b800998a11da8f7300306ef4d7ad#SAPEngine_Application_Thread[impl:3]_9##0#0#Error##Java###Error in some of the login modules.
  [EXCEPTION]
  #1#com.sap.engine.services.security.exceptions.BaseLoginException: Error in some of the login modules.
          at com.sap.engine.services.security.login.ModulesProcessAction.run(ModulesProcessAction.java:149)
          at java.security.AccessController.doPrivileged(Native Method)
          at com.sap.engine.services.security.login.FastLoginContext.login(FastLoginContext.java:153)
          at com.sap.engine.system.SystemLoginModule.login(SystemLoginModule.java:90)
          at sun.reflect.GeneratedMethodAccessor260.invoke(Unknown Source)
          at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
          at java.lang.reflect.Method.invoke(Method.java:324)
  When I cut the exact URL being redirected to from the trace log and paste it into a browser, it goes to the page just fine.
  Can anyone suggest a different method of performing a redirect from withing my JAAS Login Module in NetWeaver?  I'm thinking maybe I'm not getting the response object properly - any ideas?
  Thank you...
  Dave

  Thanks for the pointers.  We were able to get an SAP developer to take a look at this and he coded up this solution, which takes what you suggested and filled in all the blanks.  I am baffled as to how I would have figured this out on my own (like the RESPONSE_CODE value of 302), given the limited documentation around the HttpCallback.  We haven't had the opportunity to try this yet - I'll respond with a new post either way to let you know.  Anyway, here's the code snippet for how to perform a redirect:
  In the custom JAAS Login Module:
  setRedirect(callbackHandler, this.changepasswordurl);
  This is the setRedirect method:
  private void setRedirect(CallbackHandler ch, String redirectURL)
        throws IOException, UnsupportedCallbackException
      HttpSetterCallback setRCodeCB = new HttpSetterCallback();
      setRCodeCB.setType(HttpCallback.RESPONSE_CODE);
      setRCodeCB.setName("Moved Temporarily");
      setRCodeCB.setValue("302");
      HttpSetterCallback setRedirCB = new HttpSetterCallback();
      setRedirCB.setType(HttpCallback.HEADER);
      setRedirCB.setName("Location");
      setRedirCB.setValue(redirectURL);
      Callback[] cbSetter = new Callback[2];
      cbSetter[0] = setRCodeCB;
      cbSetter[1] = setRedirCB;
      ch.handle(cbSetter);

• JAAS Login Module using Deployable Web Service proxy

  Hi,
  We've created a JAAS Login Module that calls a deployable web service proxy to validate users on Netweaver Portal 2004 SP19. To do this the following steps were taken:
  1) created a deployable web proxy named 'SGU_proxy' and uploaded it to server. This project created 2 files: 'SGU_proxy.ear' (the one uploaded) and 'SGU_proxyClientAPI.jar'.
  2) created a Java project named 'AgregacaoLoginModule' with a single class to authenticate users, this is the class that calls the web service with the username and password. This project references the deployable web proxy project (Properties > Java Build Path > Projects > checkbox marked next to project SGU_proxy).
  3) exported the Java project class, not including the 'SGU_proxyClientAPI.jar'.
  4) created a 'J2EE Server Component' > 'Library' project named 'AgregacaoLoginModuleJ2EE'.
  On the 'provider.xml' file added 2 jars: 'AgregacaoLoginModule.jar' and 'SGU_proxyClientAPI.jar'. References were made to the standard portal libraries. No references were made to the proxy 'SGU_proxy' or the 'AgregacaoLoginModule' project.
  The library was uploaded to the server, everything was ok and no errors were reported.
  The login module was configured on the server and is called when users try to acess Portal server.
  The problem is that when trying to authenticate users: after getting a reference to the proxy using jndi I get a ClassCastException. Note that this proxy is used in a WebDyn Pro application and is working fine.
  The web service client proxy generated the interface 'pt.agregacao.ws.sgu.Servicos' and from jndi I get 'class pt.agregacao.ws.sgu.ServicosImpl'. So this seems to be ok, why the exception?
  Is it necessary to had a reference to 'SGU_proxy' on the 'AgregacaoLoginModuleJ2EE' project? If so, how?
  Thanks in advance.
  Alvaro

  Hi,
  We've created a JAAS Login Module that calls a deployable web service proxy to validate users on Netweaver Portal 2004 SP19. To do this the following steps were taken:
  1) created a deployable web proxy named 'SGU_proxy' and uploaded it to server. This project created 2 files: 'SGU_proxy.ear' (the one uploaded) and 'SGU_proxyClientAPI.jar'.
  2) created a Java project named 'AgregacaoLoginModule' with a single class to authenticate users, this is the class that calls the web service with the username and password. This project references the deployable web proxy project (Properties > Java Build Path > Projects > checkbox marked next to project SGU_proxy).
  3) exported the Java project class, not including the 'SGU_proxyClientAPI.jar'.
  4) created a 'J2EE Server Component' > 'Library' project named 'AgregacaoLoginModuleJ2EE'.
  On the 'provider.xml' file added 2 jars: 'AgregacaoLoginModule.jar' and 'SGU_proxyClientAPI.jar'. References were made to the standard portal libraries. No references were made to the proxy 'SGU_proxy' or the 'AgregacaoLoginModule' project.
  The library was uploaded to the server, everything was ok and no errors were reported.
  The login module was configured on the server and is called when users try to acess Portal server.
  The problem is that when trying to authenticate users: after getting a reference to the proxy using jndi I get a ClassCastException. Note that this proxy is used in a WebDyn Pro application and is working fine.
  The web service client proxy generated the interface 'pt.agregacao.ws.sgu.Servicos' and from jndi I get 'class pt.agregacao.ws.sgu.ServicosImpl'. So this seems to be ok, why the exception?
  Is it necessary to had a reference to 'SGU_proxy' on the 'AgregacaoLoginModuleJ2EE' project? If so, how?
  Thanks in advance.
  Alvaro