> The implementation as a jaas-LoginModule was pretty
> simple and works, but not within the glassfish
> application server. I know that I must extend
> AppservPasswordLoginModule, but then I can only
> retrieve a username and a password for the login. I
> read about Server authentication modules (SAM) in JSR
> 196 which can be used to accomplish more complex
> authentication tasks, but I don't know if I can use
> them as I am implementing an application client and
> not a web-application or webservices.
>
> This leaves me asking some questions:
> 1. Can I use a SAM in combination with a application
> client? If yes: how?
the jsr 196 spi supports both client (CAM) and server (SAM) authentication
modules, configuration, etc; ... but you need to have a client runtime that makes the necessary calls to the spi, to find and invoke the CAM or CAMS. In Glassfish our web service clients
are able to invoke CAMs, but we currently don't have ejb or http client runtimes that use jsr 196.
> 2. Is there another way to integrate a LoginModule to
> the application server?
> 3. I have found found a method called
> setLoginModuleForAuthentication() inside the
> AppservPasswordLoginModule, but the method is not
> used within the AppservPasswordLoginModule. Is it
> just a fragment? Or can I use it to integrate my
> custom login module?
>
> Thank you in advance
not sure, I'll leave it to someone else to answer that part.
Ron
[Message sent by forum member 'monzillo' (ronald.monzillo_at_sun.com)]
http://forums.java.net/jive/thread.jspa?messageID=388083