geronimo-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Bill Brown <wbr...@colorfulsoftware.com>
Subject Re: filter-mapping for j_security_check
Date Wed, 18 Jul 2007 17:04:57 GMT

Thanks for your help djenks:  

I got this idea / example from what must be some dated code on the IBM dev
site: 
http://publib.boulder.ibm.com/infocenter/iseries/v5r3/index.jsp?topic=/rzatz/51/sec/secdform.htm


I think the additional JAAS login module in front of the Authentication
module could work I'm just not sure how to implement that in geronimo. 
Would I need to add another module configuration to the existing realm, or
would I add an additional realm for the application?   So far, I've been
able to configure/customize one of the packaged Database (SQL) Realms to do
the authentication work for the application but adding another module seems
tricky?     

Thanks for your input though.  
Bill.


djencks wrote:
> 
> The filter approach isn't going to work AFAIK because the security  
> constraints have to be evaluated/applied/etc before any user code  
> such as filters are run.  In fact IIUC there is no j_security_check  
> "servlet", that is handled directly by the web containers security  
> system.
> 
> Is there some reason you can't put your validation logic in an  
> (additional) login module?
> 
> thanks
> david jencks
> 
> On Jul 18, 2007, at 9:05 AM, Bill Brown wrote:
> 
>>
>> Greetings:
>>
>> I have an app with container managed security.  There is a login  
>> form that
>> uses j_username and j_password to post to j_security_check.  I  
>> would like to
>> perform some validation on the j_username and j_password to make  
>> sure the
>> data entered is valid before checking the credentials against the  
>> db.  I
>> tried using a filter with filter-mapping in web.xml, but the filter  
>> isn't
>> getting called.  Below is the filter mapping.  Does anyone know how  
>> to do
>> this in geronimo 2.0?  Is this possible?
>>
>> <filter>
>> 	<filter-name>loginValidator</filter-name>
>> 	<filter-class>
>> 		com.abc..LoginValidateFilter
>> 	</filter-class>
>> </filter>
>>
>> <filter-mapping>
>>         <filter-name>loginValidator</filter-name>
>> 	<url-pattern>/j_security_check</url-pattern>
>> 	<dispatcher>REQUEST</dispatcher>
>> 	<dispatcher>FORWARD</dispatcher>
>> </filter-mapping>
>>
>> I also tried the mapping without the <dispatcher> elements and it  
>> didn't
>> work either.   Thanks for any more information or clarification.
>>
>> Bill.
>>
>> -- 
>> View this message in context: http://www.nabble.com/filter-mapping- 
>> for-j_security_check-tf4104213s134.html#a11671705
>> Sent from the Apache Geronimo - Users mailing list archive at  
>> Nabble.com.
>>
> 
> 
> 

-- 
View this message in context: http://www.nabble.com/validation-for-j_security_check-tf4104213s134.html#a11672763
Sent from the Apache Geronimo - Users mailing list archive at Nabble.com.


Mime
View raw message