users@glassfish.java.net

Re: Programmatic login without password

From: Major Péter <majorpetya_at_sch.bme.hu>
Date: Thu, 04 Jul 2013 11:58:02 +0100

Hi,

here is a sample implementation from OpenSSO/OpenAM. Here we
authenticate using a session ID, so no passwords are involved
whatsoever. (works with GFv2&3, don't know about v4)
https://svn.forgerock.org/openam/trunk/openam-agents/jee-agents/jee-agents-appserver/jee-agents-appserver-v81/src/main/java/com/sun/identity/agents/appserver/v81/AmASRealm.java
and the corresponding LoginModule impl:
https://svn.forgerock.org/openam/trunk/openam-agents/jee-agents/jee-agents-appserver/jee-agents-appserver-v81/src/main/java/com/sun/identity/agents/appserver/v81/AmASLoginModule.java
Hope this helps.

cheers,
Peter

On 2013.07.04 at 11:51, Witold Szczerba wrote:
> Hi there,
> can you tell me what are the options if I want to do a programmatic
> login without a password?
> In my application, users are stored in LDAP with passwords. But they
> can also choose to sign in through OpenID - in that case we do import
> them into our LDAP without passwords.
>
> I was thinking I can check the user myself and then I would like to
> "tell" the application server that the user is OK (or not).
>
> I have found a post on this mailing group with a similar question, the
> answer was to write a custom realm. The hint was to re-use as much as
> possible from existing code.
>
> I have found sources of LDAPRealm - it is not extendible, all the
> crucial parts are private. Also, the AppservRealm which seems to be a
> base class is such a huge amount of code...
>
> The questions are:
> 1) What is the simplest way to do programmatic login without a password?
>
> 2) Is there any chance to make it application-server independent, I
> mean to use only Java/JavaEE API, not Glassfish API?
>
> Thanks,
> Witold Szczerba
>
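
An added example, not code from this thread or from the OpenAM sources linked above: a LoginModule written against the standard JAAS API only, where the credential checked in place of a password is a short-lived HMAC-signed token that the application issues after it has verified the OpenID sign-in. The class name, the `hmacKey` module option and the token layout `expiryMillis.base64url(HMAC-SHA256(user|expiryMillis))` are assumptions; registering the module as a GlassFish realm and assigning groups is not shown.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.Principal;
import java.util.Base64;
import java.util.Map;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.Subject;
import javax.security.auth.callback.*;
import javax.security.auth.login.*;
import javax.security.auth.spi.LoginModule;

// Hypothetical module: the "password" slot carries a signed token, never a stored password.
public class SignedTokenLoginModule implements LoginModule {
    private Subject subject; private CallbackHandler handler; private byte[] key; private String user;

    public void initialize(Subject s, CallbackHandler h, Map<String, ?> shared, Map<String, ?> options) {
        subject = s; handler = h;
        key = ((String) options.get("hmacKey")).getBytes(StandardCharsets.UTF_8); // assumed option name
    }

    public boolean login() throws LoginException {
        NameCallback name = new NameCallback("user");
        PasswordCallback token = new PasswordCallback("token", false);
        try {
            handler.handle(new Callback[] { name, token });
            String[] parts = new String(token.getPassword()).split("\\.", 2);
            long expiry = Long.parseLong(parts[0]);
            Mac mac = Mac.getInstance("HmacSHA256");
            mac.init(new SecretKeySpec(key, "HmacSHA256"));
            byte[] expected = mac.doFinal((name.getName() + "|" + expiry).getBytes(StandardCharsets.UTF_8));
            byte[] supplied = Base64.getUrlDecoder().decode(parts[1]);
            // Constant-time compare; the expiry bounds how long a leaked token stays usable.
            if (!MessageDigest.isEqual(expected, supplied) || System.currentTimeMillis() > expiry)
                throw new FailedLoginException("invalid or expired token");
        } catch (Exception e) { // missing callback data or malformed token: fail closed
            throw new FailedLoginException("token rejected");
        }
        user = name.getName();
        return true;
    }

    public boolean commit() { // only a verified name becomes a Principal
        if (user == null) return false;
        final String n = user;
        subject.getPrincipals().add((Principal) () -> n);
        return true;
    }
    public boolean abort() { user = null; return true; }
    public boolean logout() { subject.getPrincipals().removeIf(p -> p.getName().equals(user)); user = null; return true; }
}
```

The token binds the user name to the expiry, so a token issued for one account cannot be presented with another name; it is not single-use, so the expiry should be kept short.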