You need to write a custom login module for this. It should be pretty easy to modify the sql
login module, but you definitely can't use the existing one. For one thing you need a CallableStatement
to execute the stored procedure. On the other hand the java code should be a lot simpler.
thanks
david jencks
On Jul 30, 2010, at 4:06 PM, Tim McConnell wrote:
> Hi, I would like to use standard J2EE Form-based authentication using a j_security_check
request to authenticate a user against an Oracle database. However, the password stored in
the database is encrypted, and the only way to authenticate against that database is to invoke
a stored-procedure passing the Usernanme/Password from the login form, and the stored-procedure
will return a 'Y' or 'N' indicating the success/failure of the authentication. This doesn't
seem to me to fit into the "Database (SQL) Realm" that I see in Geronimo where a "User SELECT
SQL" statement is required to return two columns: Username and Password.
>
> Is this scenario easily possible with the current Security Realm types in Geronimo ??
Or do I need to use the "Other" security realm type and write a custom Login module ?? Examples
would be appreciated. Thanks much.....
>
> --
> Tim McConnell
|