users@glassfish.java.net

Re: Programmatic login without password

From: Richard Kolb <rjdkolb_at_gmail.com>
Date: Thu, 4 Jul 2013 13:05:25 +0200

Hi Witold

> 1) What is the simplest way to do programmatic login without a password?

I would not do it that way, I think the below will help you.

>2) Is there any chance to make it application-server independent, I mean
to use only Java/JavaEE API, not Glassfish API?

There is an option to write your own realm and user this :
http://code.google.com/p/vt-middleware/wiki/vtldapAuthentication

You will then have the power to do as you wish.

regards
Richard.







On 4 July 2013 12:51, Witold Szczerba <pljosh.mail_at_gmail.com> wrote:

> Hi there,
> can you tell me what are the options if I want to do a programmatic
> login without a password?
> In my application, users are stored in LDAP with passwords. But they
> can also choose to sign-in through OpenID - in that case we do import
> them into our LDAP without passwords.
>
> I was thinking I can check the user myself and then I would like to
> "tell" the application server that the user is OK (or not).
>
> I have found a post on this mailing group with similar question, the
> answer was to write custom realm. The hint was to re-use as much as
> possible from existing code.
>
> I have found sources of LDAPRealm - it is not extendible, all the
> crucial parts are private. Also, the AppservRealm which seems to be a
> base class is such a huge amount of code...
>
> The questions are:
> 1) What is the simplest way to do programmatic login without a password?
>
> 2) Is there any chance to make it application-server independent, I
> mean to use only Java/JavaEE API, not Glassfish API?
>
> Thanks,
> Witold Szczerba
>