Win a copy of Cross-Platform Desktop Applications: Using Node, Electron, and NW.js this week in the JavaScript forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

Passing information beyond username and password to JAAS  RSS feed

Jack Houghton
Posts: 2
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I have overidden the default security provider and wrote a custom LoginModule to authenticate to Tomcat 6.0.18. When a user successfully logs in, I write information to the database to track that the user logs in. I also add a cookie that maps the login to the information in the database. I do this to allow other web sites under the same domain (Apache/PHP) to see that the user is already logged in and allow them to access the protected components of those sites. This works the same way in the other direction. A user can log in to one of the other sites and the cookie is added. I would like to pass the cookie information to the LoginModule to verify that the user is logged in and authenticate to Tomcat. I was thinking of changing the user name to be some string and then the key value in the cookie in order that I may access the value via j_username, but I think that is a hack and would like to be able to pass dynamic information to the LoginModule. I know that you can pass information through the JAAS config file, but that is only for static data.

Any help is appreciated
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!