On 24/03/11 5:13 AM, forums_at_java.net wrote:
> My understanding is that JSR 196 is not for application developers,
> but for
> container vendors, so I'd like to stay away unless there really is no
> other
> choice. I'm not exactly where the lines are drawn, but creating a custom
> LoginModule and Realm might be included in that.
>
> I've actually got a need to authenticate against NIS in addition to LDAP,
> and I'm not seeing any pre-made NIS support in GlassFish so I might
> have to
> get my hands dirty anyways.
>
JSR 196 can give you more power just like a ServletFilter and in
addition can also handle the integration of authentication results with
the container in a standard way by using the CallerPrincipalCallback and
GroupPrincipalCallback.
GlassFish allows developers to configure their own custom JSR 196 Server
Auth Modules at the HttpServlet Layer and the SOAP Layer. IOW it
provides a way of supporting new authentication mechanisms in GlassFish
(example OpenId, OAuth or any other custom authentication etc).
Whether you need a custom 196 module or not depends on what is the
problem at hand. If the problem at hand is not a about a New
Authentication Mechanism and instead it is about using a new
Authentication Store (user database) with an existing Mechanism then it
is not a good idea to write a new SAM. Instead it can just be a new
Custom Realm.
If a JAAS login module for authenticating with the store exists with
you, then either you can wrap it up with a new Realm or you can also use
the JSR 196 Login Bridge Profile.
>
> --
>
> [Message sent by forum member 'slominskir']
>
> View Post: http://forums.java.net/node/735641
>
>