Using JAAS for third-party webapp

I'm developing a webapp that will be marketed to enterprise customers. Right now, it handles its own authentication by validating the userid/password against its own user table. I'd like to give customers the ability to plug in whatever type of authentication they want, for example, one that authenticates a user against an Active Directory domain.
It seems like JAAS was expressly designed for this purpose, but as I read up on it, I forsee all sorts of problems that could be caused by it. If I'm missing something, I'm hoping someone here can set me straight.
According to the docs, when an app creates a LoginContext and provides it with CallbackHandlers, the LoginContext will check the Configuration to see if any LoginModules are configured for the app (based on the name parameter passed into the LoginContext). If it doesn't find one, it will look for a set of LoginModules for "other".
Here's the behavior I would like: If there is no set of LoginModules configured specifically for my app, I do NOT want the LoginModule(s) for "other" used, since I have no clue what it/they will be. Instead, I would like to my code to be gracefully notified that no LoginModules are configured, so it can default back to its own authentication mechanism. From the looks of the API docs, however, there doesn't seem to be any surefire way to tell why a LoginException has thrown.
I thought I might be able to check programattically to see if there's a LoginModule configured for my webapp with Configuration.getConfiguration().getAppConfigurationEntry(appName), but, 1) it looks like that will probably throw a SecurityException, and 2) it also looks like it would return the AppConfigurationEntries for "other" in the event there's no entry for my app.
It's important that my app not require the appserver administrator to explicitly configure a LoginModule for it, since that could turn into a support nightmare; I simply want to give powerusers the ability to do so if they choose to.
Is it possible to get the behavior I want from JAAS, without a lot of contortions and workarounds? As I said, I may be missing something, but it doesn't seem like I can.

This is from the javadocs
public LoginContext(String name)
throws LoginException
Initialize the new LoginContext object with a name.
LoginContext uses the specified name as the index
into the Configuration to determine which
LoginModules should be used. If the provided name
does not match any in the Configuration, then the
LoginContext uses the default Configuration entry,
"other". If there is no Configuration entry for
"other", then a LoginException is thrown.
Throws:
LoginException - if the specified name does not
appear in the Configuration and there is no
Configuration entry for "other", or if the
auth.login.defaultCallbackHandler security property
was set, but the implementation class could not be
loaded.
The or condition here could be ignored because you
wouldnt be using CallbackHandlers or even if you are
using them, you could ensure that the classes are
'loadable'.The problem is, that LoginException is going to be called for anything that goes wrong inside a LoginContext. If there is an "other" LoginModule set, but it doesn't recognize my user's name and password, then it will throw a FailedLoginException. How is my code supposed to know that the user's name/password will never be accepted by that LoginModule?
>
2.
An alternative would be to provide your own
own implementation of the abstract class
javax.security.auth.login.Configuration overriding
the default implementation provided by Sun. Remember, this is a third-party webapp running in an appserver with other webapps from different providers. It has to use whatever Configuration is already there.
This is
the same technique if you wish to provide the login
module information in any other location than a text
file (as is required by the default implementation)
You could then throw specific custom exceptions
ons from your implementation code and choose to
handle it in the manner you desire.Even if I could do that, which I can't, as I explained, I have to keep this SIMPLE for customers who might not be very knowledgeable in the more esoteric aspects of J2EE and Java.

Similar Messages

  • How can I use iCloud calendars for third party webapps?

    Hi, I thought of having my calendar on a page, where I also type in my AppleID and then be able to read (and write) new calendar-entries.
    Is that possible? If so, how?

    iCloud calendars are just industry standard CalDAV calendars, so assuming you have the programming knowledge to use the CalDAV protocol you can read/write to iCloud calendars.
    These links may point you in the right direction:
    http://www.quora.com/Will-Apple-iCloud-also-publish-an-API-to-read-write-the-cal endar-data
    http://stackoverflow.com/questions/9751255/apple-icloud-calendar-api
    Apple also has a specific iCloud section of their Developer site, but you need to be a registered developer to access it:
    iCloud for Developers - Apple Developer

  • Item category used for third party

    Gurus,
    need to know the item category used for third party process and its determination, kindly help.
    thanks
    SP

    Dear Partasarathy,
    there are three different processes within the third-party.
    The usual third-party process (the delivery will be made directly from the third-party partner). The item category here is TAS in the standard.
    The individual purchase order (the delivery will be done from third-party partner to SD-partner and then the normal delivery will be created from the sales order). The item category here is TAB in the standard.
    The ALE-process is the third-party process where the purchase order (not only the purchase requisition) will be created after saving the sales order. The item category here is ALES in the standard.
    I hope, this additional info helps you further.
    Kind regards,
    Akmal Vakhidov
    Development Support IMS SD, SAP, Walldorf/Germany

  • PO Creation for third party sales

    Hi
    We have the scenario Third party sales and High sea sales which is already in use (already configured) , where PR getting generated automatically .
    But client requirement is they want the PO to generate automatically by the system the moment i save the sales order .
    Where is the setting in the SAP , where system will generate the PO automatically instead of PR
    Please suggest

    Hi,
    Go to VOV7
    Select third party item category which u r using in sales order >>> Deatils >>> under transaction flow >>> Tickmark to CREATE  PO AUTOMATIC.
    If you activate this field, the system automatically generates both a purchase order requisition for third-party schedule lines as well as a purchase order in the background when you save the sales order.
    However u can not create PO directly.
    Kapil

  • Logical Sys Name for Business system in SLD for Third Party

    Hi !!
    I have little doubt what will be the logical system name for creating Business systems in SLD for third party?
    thanks
    Gowri

    Hi Gowri,
    sorry, i dont agree with the other answers. The logical system name is required for ALE partner finding. If you dont want to communicate with IDocs you dont need it. If you want to send messages from third party system to R/3 via IDoc adapter, then you should (can) give a name. It can be configured in IB directory as well (adapter specific identifiers). Choose any name, this name will be used for the partner agreement in R/3.
    Regards,
    Udo

  • Process demand for third party direct shipment

    Hello ,
    I need help in below given areas. in our rollout client is given statement of work like this.
    1)     Demand transfer to vendors
    2)     Reminder processing
    3)     Process demand for third party direct shipment
    Please can you explain me about these area, how it works with example. it is very benificial for us.
    Regards
    sapman

    Hi Sapera,
    There can be 3 typse of trading scenarios
    1. 3rd party with Shipping notification : Where in u create sales order  and create PO against the PR which si triggered in SAles order adn hen MIGO followed by MIRO and Billing. Here Billing to the end customer can be doen before MIRO because the billign quantity considered is based on the goods Receipt( MIGO) quantity. Many a times you might have your personnels or soem mechanisms to cross verify the delivered quanity as some times the vendor might not dispatch the quantiy in the PO. Here the MIGO doen si consumption posting/Non valuated GR as physically it doenot come into your stock and therefore is not shown in our stock. ITem category used in TAS
    2. 3rd party without shiiping notfication ; Here MIGO is not done and billig ncan be done only after MIRO as the billing quantity is based on the Invocie receipt quantity in MIRO
    3. Bought in items/ Dealer Sales : Here you bring in the materials from the vendor to our depot plant and then dispatch it to the customer . Here PR is geenrated from sales order followed by PO and MIGO. After MIGO you have to do PGI followed by Billing. MIRO doesnot have any impact on the PGI or Billing. Item category used is TAB
    But in all the three instancesthe configurational changes happen in schedule line cateogry and the account assignment which is maintiend in item category and for automatic determination of 2 different schedule line categories we need to maintian 2 different item categories alothough item category settings are almost the same.
    Hope this was helpful in giving you some insights on the trading processes
    Regards,
    Nithin

  • Account Assignment Category for third party process.

    Hi ,
              I would like to use different account assignment category for third party process. This account assignment cat must be assigned at the sales order itself. Is there any config for this.
    Kindly help me.
    Ram.

    You can create new account assignment category for 3rd party process  by copying existing std one 2 in configuration under MM - Purchasing - Account assignment - maintain account assignment category
    You can assign your own set of control for account assignment based on requirement.
    SAP use TAS item catgory in 3rd Sales order which is linked to Pur Req account assignment catgory 2.If you are defining own account assignment catgory than you need to config set-up with TAS sales order item catgory.
    Hope above details will help to move further...sanjay karkun

  • Process Required for Third party sales

    Hi Guru ji's ,
    Pls let me know the step by step procedure for Third party sales processing.
    on the below conditions.
    1] Sales order to be created automatically based on the Bapi .
    2] Based on the Sales order, automatic Purchase order and Gr must happen.
    3] Automatic invoices must also be created automatically.
    Can any one explain us what is to be done under the above said conditions,
    Best Regards,
    Gurpreet Singh Saini.

    Hi
    Please find enclosed the details on third party.
    Process Flow for 3rd Party Sales
    Customize the third party sales in summary:
    1. Create Vendor XK01
    2. Create Material u2013 Material Type as "Trading Goods". Item category group as "BANS".
    3. Assign Item Category TAS to Order type that you are going to use.
    4. A sale order is created and when saved a PR is generated at the background 
    5. With reference to SO a PO is created (ME21N). The company raises PO to the vendor.
    6. Vendor delivers the goods and raises bill to company. MM receives the invoice MIRO 
    7. Goods receipt MIGO 
    8. Goods issue
    9. The item cat TAS or Schedule line cat CS is not relevant for delivery which is evident from the config and,   therefore, there is no delivery process attached in the whole process of Third party sales.
    10. Billing      *-- Seema Dhar
    SD -  3rd party sales order Create Sales Order
    VA01
          Order Type
          Sales org, distr chnl, div
          Enter
          Sold to
          PO #
          Material
          Quantity
          Enter
          Save
    SD -  3rd party sales order View the PR that is created with a third party sales order
    VA01
          Order Number
          Goto Item Overview
          Item ->Schedule Item
    SD -  3rd party sales order View the PR that is created
    ME52N
          Key in the PR number
          Save
    SD -  3rd party sales order Assign the PR to the vendor and create PO
    ME57
          Key in the PR number
          Toggle the "Assigned Purchase Requisition"
          Execute
          Check the box next to the material
          Assign Automatically button
          Click on "Assignments" button
          Click on "Process assignment"
          The "Process Assignment Create PO" box , enter
          Drag the PR and drop in the shopping basket
          Save
    SD -  3rd party sales order Receive Goods
    MIGO_GR
          PO Number
          DN Number
          Batch tab , click on classification
          Serial Numbers tab
          Date of Production
          Flag Item OK
          Check, just in case
          Post
          Save
    SD -  3rd party sales order Create Invoice
    MIRO
          Invoice Date
          Look for the PO , state the vendor and the Material
          Check the box
          Clilck on "Copy"
          Purchase Order Number (bottom half of the screen)
          Amount
          State the baseline date
          Simulate & Post
          Invoice Number
          *Invoice blocked due to date variance
    SD -  3rd party sales order Create a delivery order
    VL01N
          In the order screen , go to the menu Sales Document , select "Deliver"
          Go to "picking" tab
          State the qty and save
    SD -  3rd party sales order Create a billing document
    VF01
          Ensure that the delivery document is correct in the
          Enter
          Go to edit -> Log
          Save
    Third party Return Process
    If the vendor grants you a credit memo on a quantity or a value basis, you can then send this credit memo directly to your customer.
    The billing type Third-party credit memo (G2S) is available for this. The billing type Third-party credit memo works with the item category TASG (third-party credit memo item). The Billing-relevance indicator F is set in Customizing for Sales for this item category. This means that the cost is not created. In Customizing for Sales, the item category TASG is set at item level in copying control for the billing type G2S (copying control sales document by billing document) as the target item category (source: TAS-> Target:> TASG.)
    Process Flow
    Create a billing documente with billing type Third-party credit memo (for further information, see the section Creating a billing document in the Billing document). Enter the third-party order as a document still to be processed. The quantities are automatically removed from the invoice.
    The above is the process for giving a credit memo which can be adapted for return goods.
    Hope it will help you

  • Cannot close sales order for third party sales

    Hello Gurus,
    I cant seem to close a third party sales order even after it has been delivered and the incoming reciept match the sales order as well as purchase requisition or purchase order. at first I thought it was the difference in the unit of measure b/w the delivered products and the ordered products, but that is not the case because even when they are still the same and the quantities match I still have an issue and when I run VA05 (list of sales order) the sales order for the third party sales still shows up. An example is sales order XXX / PO XYZ/ Inv XYY u2013 ordered 45,000, shipped 39,980), we resolve it with the following steps below
    1. change the PO quantity to match the invoice quantity
    2. the requisition then re-opened itself automatically.
    3. I then changed the requisition and marked it closed.
    4. I then could go to the sales order and change the order quantity to match the billed and invoiced quantity. The rejection code 52 did not work u2013 I received a hard error:  PO XYZ must be deleted before the line item could be rejected.
    This is a whole lot of steps to perform just to correct 1 backorder. The reason that it had to be corrected is that the sales order  mfg line stays on the Billing Due list and does not clear it self out unless you perform the steps above.
    Also like I said even when all the quantities are the same I still have this issue so is ther any thing I can do to resolve this issue in configuration or otherwise and also we are using the satndard item category "TAS" for third party sales.
    I will appreciate you contribution and help to resolve this matter
    Thanks

    Unfortunately, all the steps need to be performed to close the status. I think even giving tolerances will not close the status. If it is a regular sale order, a small BDC program may be written to change the sale order quantity to match the invoice quantity. Since its a third party and there are too many documents which are involved in the process using ABAP programs is not a convenient option.
    Regards,
    GSL.

  • What are the key questions for third party order process?

    hi all,
    what type of questions can i receive for third party order process?
    pls.. do the needful
    thanks to all.

    Hi arun,
    Process Flow for 3rd Party Sales
    Customize the third party sales in summary:
    1. Create Vendor XK01
    2. Create Material – Material Type as "Trading Goods". Item category group as "BANS".
    3. Assign Item Category TAS to Order type that you are going to use.
    4. A sale order is created and when saved a PR is generated at the background 
    5. With reference to SO a PO is created (ME21N). The company raises PO to the vendor.
    6. Vendor delivers the goods and raises bill to company. MM receives the invoice MIRO 
    7. Goods receipt MIGO 
    8. Goods issue
    9. The item cat TAS or Schedule line cat CS is not relevant for delivery which is evident from the config and,   therefore, there is no delivery process attached in the whole process of Third party sales.
    10. Billing     
    SD -  3rd party sales order Create Sales Order
    VA01
          Order Type
          Sales org, distr chnl, div
          Enter
          Sold to
          PO #
          Material
          Quantity
          Enter
          Save
    SD -  3rd party sales order View the PR that is created with a third party sales order
    VA01
          Order Number
          Goto Item Overview
          Item ->Schedule Item
    SD -  3rd party sales order View the PR that is created
    ME52N
          Key in the PR number
          Save
    SD -  3rd party sales order Assign the PR to the vendor and create PO
    ME57
          Key in the PR number
          Toggle the "Assigned Purchase Requisition"
          Execute
          Check the box next to the material
          Assign Automatically button
          Click on "Assignments" button
          Click on "Process assignment"
          The "Process Assignment Create PO" box , enter
          Drag the PR and drop in the shopping basket
          Save
    SD -  3rd party sales order Receive Goods
    MIGO_GR
          PO Number
          DN Number
          Batch tab , click on classification
          Serial Numbers tab
          Date of Production
          Flag Item OK
          Check, just in case
          Post
          Save
    SD -  3rd party sales order Create Invoice
    MIRO
          Invoice Date
          Look for the PO , state the vendor and the Material
          Check the box
          Clilck on "Copy"
          Purchase Order Number (bottom half of the screen)
          Amount
          State the baseline date
          Simulate & Post
          Invoice Number
          *Invoice blocked due to date variance
    SD -  3rd party sales order Create a delivery order
    VL01N
          In the order screen , go to the menu Sales Document , select "Deliver"
          Go to "picking" tab
          State the qty and save
    SD -  3rd party sales order Create a billing document
    VF01
          Ensure that the delivery document is correct in the
          Enter
          Go to edit -> Log
          Save
    Pl. be clear on this process.
    Also understand how migo and miro are handled.
    The item categories used.
    How the company knows of the shipment of goods to the customer.
    How returns are handled.
    Hope it helps. Please reward if useful.
    Thanks & Regards
    Sadhu Kishore

  • Custom Template for Third Party Balance Summary Report(Java type executable

    Hi Al,l we have a requirment to have a layout with some of the fields from
    Third Party Balance Summary Report( Which is a Java type executable and
    Data definition has Data Template attached(.xml)).
    I tried in below way.
    Coppied the Third Party Balance Summary Report program with same application and parameters
    with. Then defined a Datadefinition with my concurrent prog short name
    attached the same standard .xml file(Not sure what it is) and developed a custom template with
    a custom rtf(excel output type), and submitted the program
    the output is generated in excel but my custom .rtf layout is not getting applied
    rather it is showing same layout as in standard.
    Some thing I am missing here or else it is not the way of changing the
    template.
    If any one know how to do this please let me know.
    My client want only some files from the standard report(no need of new fileds)
    with output type xls.
    Thanks in Advance.
    The same content is posted in Custom Template for Third Party Balance Summary Report(Java type executable sorry for duplicating the thread, just for increase the visibility for my issue I did this.

    I gave up on using a different font or figuring out if I could use Times New Roman's built-in fractions visible in Font Book (as unicodes) and did a work-around based on Michael Wasley's tips in this discussion.
    https://discussions.apple.com/message/11622842#11622842
    I adapted it however and think it looks a little better.
    Font: Times New Roman 12 point
    I used the fraction bar in 12-point (Shift-Option-1) for automatic kerning.
    For the numerator, I changed the font style to superior (12-point).
    For the denominator, I changed the font style to subscript (Shift-Command-hyphen) and reduced the font size to half, or 6-point using the short-cut Shift-Command-<.
    When the fractions occured in my footnotes (9-point), I used 4-point in the denominator; 10- and 11-point, I used 5-point in the denominator. This seemed to produce the best result when printing.
    Thank you, Michael.
    -Dottie

  • Reminder for Third Party PO

    Hi,
    When we use ME91F to transmit reminders, system selects onlt the PO items with GR indicator ticked. But in case of third party order, there is no GR indicator set in the item. So system does not select the PO and hnece PO items for reminders ( in ME91F).
    I checked the code, there is a check that if it is PO and wepos is 'space' , it dose not select the PO for reminder.
    I want to send reminders for third part po also. What would be the best method to achieve that.
    Thanks in advance.

    Hi,
    You can code based on an item category in PO it will be always S
    Field (EPSTP) for third party
    BR
    Diwakar

  • Adobe Muse CC Form for third party hosting servers

    I start using the new adobe muse cc forms for third party hosting servers and i have this website for one of my customers i create a CONTACT FORM on the website and when try to submit it says "server encontered an error" i chat with adobe support they send me a URL with the options to fix my problem and then when i run this URL "http://mistercoffeediaz.com/scripts/form_check.php" everything is working fine. Please any somebody help me how to work this issue around. THKS..

    Responded to your other thread - http://forums.adobe.com/message/5555450#5555450.
    Thanks,
    Vinayak

  • Logic X and 9 looking for third party plugins in the wrong place Mavericks

    Hi all
    i'm having trouble loading up old sessions in logicX and Logic 9 with my recent upgrade of computer which came with mavericks.
    can anybody please help me!!
    Logic is searching for third party plugins like this:
    this is a real pain because when i replace the plugin with the exact same plugin from its propper location i loose all the settings that were originaly used.
    thanks in advance
    Mitch

    See if this helps: Find your hardware serial number.
                   and     About This Mac

  • Generate CSR for Third-Party Certificates

    Hi All,
    i have an issue when i tried to Generate CSR for Third-Party Certificates,
    i follow step by step in the document of cisco until this step:
    3.
    Now that your CSR is ready, copy and paste the CSR information into any CA enrollment tool.
    In order to copy and paste the information into the enrollment form, open the file in a text editor that
    does not add extra characters. Cisco recommends that you use Microsoft Notepad or UNIX vi. Refer
    to the website of the third−party CA for more information on how to submit the CSR through the
    enrollment tool.
    After you submit the CSR to the third−party CA, the third−party CA digitally signs the certificate and
    sends back the signed certificate via e−mail.
    4.
    Copy the signed certificate information that you receive back from the CA into a file.
    This example names the file CA.pem.
    my issue is where i sould copy and paste the CSR information into any CA enrollment tool. i just have done create mykey.pem and myreq.pem in my folder OpenSSL\bin
    Please help and Thanks you.
    Regards,
    Jasa

    you have to do more steps using openssl.
    before you obtain the third−part certificate, you have to copy that on a notepad text, and you have to obtain an intermediate and root certificate from the company that gives you the certificate.
    Then you have to copy and paste on a notepad or gedit:
    SSL (the certificate that they give you)
    Intermediate (the certificate that you obtain from the company that gives you the certificate)
    Root (the certificate that you obtain from the company that gives you the certificate)
    name the text file like: allcerts.pem
    then... you have to run this commands:
    C:\OpenSSL\bin>openssl pkcs12 -export -in allcerts.pem -inkey mykey.pem -out All-certs.p12 -clcerts -passin pass:yourpassword -passout pass:yourpassowrd
    C:\OpenSSL\bin>openssl pkcs12 -in All-certs.p12 -out finalcert.pem -passin pass:yourpassword -passout pass:yourpassword
    Then you are going to have a file named: finalcert.pem, thats the one you have to update to the WLC. please note that on those lines "yourpassword" is the password you use when you create the certificate and its going to be the same that you have to use for upload to WLC.
    Note that you have to use openssl version 0.9.8 because its the only version thats WLC support
    If you have doubts please contact me.
    Have fun!

Maybe you are looking for

  • I can't load Family pack of original iWork on a new iMac. I've only used 3 of 5 computers. It keeps telling me to go buy it. What's going on?

    I have a 2007 iMac with the original version of iWork. I purchased a family pak (5 computers) and have only used 3. My wife just got her first Mac. When I put the disc in, I am unable to load it without being directed to purchase it again. I know it'

  • Hard drive noise and system performance.

    Just like normal, my hard-drive makes noises (normal clicking, etc). When I'm doing something though, like typing, the system slows down for just a split second once a noise it made, stops registering my letters and then types all the letters that we

  • Change default page of Wikis

    Hi. When i turned on the Wikis Server my default HTML page change to the attached. There are some way to change it for an html page? I created a html cool menu but its designed in HTML. Thanks !!!

  • Custom Formatted Legend

    I've been playing with Flex Charting, and I have lots of nice looking graphs that I've created from database feeds. However, what I really want to know how to do is format the chart legend better. For example I have a pie chart that has about 50 diff

  • Re-use of XSL from existing middlware to PI 7.1

    Hi Friends, I am working on SAP BC to PI7.1 migration project, existing SAP BC envirement we using XSL Mappings ,we aretrying to reuse same XSL  in PI?? but my question is its posible to re-sue same XSL in PI?? thease XSL using XALAN Parsing, any cha