I'm currently involved in a project to extend our cookie based SSO to an application using JAAS which I felt to be the best way of achieving the goal. I have written a CallbackHandler which will handle extracting the username and password from the cookies but I'm really not sure as to how to set up the callback from the LoginModule to get the names to check against the db and would very much appreciate some advice on the best way of doing this:
Iain: [QB]I have written a CallbackHandler which will handle extracting the username and password from the cookies but I'm really not sure as to how to set up the callback from the LoginModule to get the names to check against the db
Looking at the posted code it seems that you have done what is required to request a callback from the callback handler(assuming that the callback handler is set appropriately). Can you tell as to what is going wrong? Is there any specific problem you are facing?
I am not sure about your database table structure but you seem to get user name and password from two different tables without specifying the user name in the password lookup query! How is this supposed to work? How do you know that the password you have retrieved is indeed for the requested user?
Apologies for the tardiness of the reply, an upgrade went interestingly well.
Uh oh, we're definitely being carded. Here, show him this tiny ad:
Building a Better World in your Backyard by Paul Wheaton and Shawn Klassen-Koop