geronimo-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Jencks <david_jen...@yahoo.com>
Subject Re: j_security_check Question
Date Sat, 31 Jul 2010 02:18:19 GMT
You need to write a custom login module for this.  It should be pretty easy to modify the sql
login module, but you definitely can't use the existing one.  For one thing you need a CallableStatement
to execute the stored procedure.  On the other hand the java code should be a lot simpler.

thanks
david jencks

On Jul 30, 2010, at 4:06 PM, Tim McConnell wrote:

> Hi, I would like to use standard J2EE Form-based authentication using a j_security_check
request to authenticate a user against an Oracle database. However, the password stored in
the database is encrypted, and the only way to authenticate against that database is to invoke
a stored-procedure passing the Usernanme/Password from the login form, and the stored-procedure
will return a 'Y' or 'N' indicating the success/failure of the authentication. This doesn't
seem to me to fit into the "Database (SQL) Realm" that I see in Geronimo where a "User SELECT
SQL" statement is required to return two columns: Username and Password.
> 
> Is this scenario easily possible with the current Security Realm types in Geronimo ??
Or do I need to use the "Other" security realm type and write a custom Login module ?? Examples
would be appreciated. Thanks much.....
> 
> -- 
> Tim McConnell


Mime
View raw message