geronimo-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tim McConnell <>
Subject Re: j_security_check Question
Date Sat, 31 Jul 2010 03:11:38 GMT
Wonderful -- thanks David

On 7/30/2010 10:18 PM, David Jencks wrote:
> You need to write a custom login module for this.  It should be pretty easy to modify
the sql login module, but you definitely can't use the existing one.  For one thing you need
a CallableStatement to execute the stored procedure.  On the other hand the java code should
be a lot simpler.
> thanks
> david jencks
> On Jul 30, 2010, at 4:06 PM, Tim McConnell wrote:
>> Hi, I would like to use standard J2EE Form-based authentication using a j_security_check
request to authenticate a user against an Oracle database. However, the password stored in
the database is encrypted, and the only way to authenticate against that database is to invoke
a stored-procedure passing the Usernanme/Password from the login form, and the stored-procedure
will return a 'Y' or 'N' indicating the success/failure of the authentication. This doesn't
seem to me to fit into the "Database (SQL) Realm" that I see in Geronimo where a "User SELECT
SQL" statement is required to return two columns: Username and Password.
>> Is this scenario easily possible with the current Security Realm types in Geronimo
?? Or do I need to use the "Other" security realm type and write a custom Login module ??
Examples would be appreciated. Thanks much.....
>> --
>> Tim McConnell

Tim McConnell

View raw message