incubator-jspwiki-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Harry Metske <>
Subject Re: Linking JSPWiki user-ids to an external security package
Date Tue, 10 Feb 2009 17:37:17 GMT

it sometimes surprises me how many people run it on z/OS :-)
You can solve your problem in two ways, using a Tomcat realm (if you run
tomcat off course), or using a JAAS login module.
I have done both, I would prefer the second one.
I can get you the source and binaries if you like, or maybe it's better if I
create a page on and document it there and attach the

What the loginmodule does is comparable to JSPWiki's
UserDatabaseLoginModule, but instead of looking up the userdatabase.xml it
calls IBM's Java for SAF interfaces (
to validate userid/pw, and throw loginexceptions based on the return/reason
There's also a simple Helper class that translates the most common codes to
human readable messages like "password expired".

Let me know if you're interested.


2009/2/10 Carlson, Eric R <>

> Is there any way to link the JSPWiki user database to an external security
> package?
> Specifically, we are running JSPWiki 2.8.1 in Unix System Services under
> z/OS 1.9.  We have RACF running on z/OS.  I'd like JSPWiki to be able to
> check the user's RACF user-id and password to verify security.
> I realize that there aren't many people out there running JSPWiki under
> z/OS, but if someone has had experience using JSPWiki with some other
> external security package it may help point me in the right direction.
>                                                Eric Carlson
>                                                            The Kroger Co.
> ________________________________
> This e-mail message, including any attachments, is for the sole use of the
> intended recipient(s) and may contain information that is confidential and
> protected by law from unauthorized disclosure. Any unauthorized review, use,
> disclosure or distribution is prohibited. If you are not the intended
> recipient, please contact the sender by reply e-mail and destroy all copies
> of the original message.

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message