saturon wrote:
> Hi,
>
> I wanted to configure my web application with a jsr 196 auth module.
> For this i found some guidance at ron's blog
> _http://blogs.sun.com/enterprisetechtips/entry/adding_authentication_mechanisms_to_the_
> . Unfortunately it does not really explain how to link a custom realm
> I configured in with the ServerAuth module.
>
Configuring a SAM is like definining a new/custom auth-method under
login-config. In other words the SAM provide a way of defining and
plugging in a new authentication method.
The SAM Framework does not provide any automatic ways of linking with
custom relams that you may have defined. For now you would have to call
something like :
LoginContextDriver.login(String username, String password, String
realmName)
Note this is a not supposed to be a public API.
> I did not find a place where I can tell my application to use my
> foo-realm, instead of the default file realm.
>
> Another question I have is how the web.xml security constraints are
> handled, will they be still be processed, and what about
> login-configs? Will login-configs be ignored?
>
Since the SAM is ineffect introducing a new auth-method, the security
constraints processing would happen as expected. The login-config would
be ignored though. The successful processing of security constraints
depends on the precondition that the SAM has made appropriate Callbacks
to set the Caller Principal and Groups as required by the container for
security constraint processing.
regards,
kumar
> Thanks Mark
>