• Post Reply Bookmark Topic Watch Topic
  • New Topic

Custom Login Modules Break COTS J2EE Application  RSS feed

Frank Griffith
Posts: 10
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello... I'm posting this here because I've already tried the OTN forum... any help is greatly appreciated...

I'm using a custom login module to authenticate users of a COTS J2EE application. The authentication works like a charm, but the COTS app breaks because it uses request.getRemoteUser() to obtain the user name for database lookups.

When the custom login is in use, request.getRemoteUser() returns "[JAZNUserAdaptor: user=theuser]" instead of simply the user name (this differs from the standard XML provider, which returns only the user name).

I used the sample login module from the Oracle documentation almost verbatim, the method is included below.

Does anyone know why getRemoteUser() returns "[JAZNUserAdaptor: user=theuser]" and not just the user name? And how to make it stop doing that?

public boolean login() throws LoginException {
throw new LoginException("Error: no CallbackHandler available "
+ "to garner authentication information from the user");

// Setup default callback handlers.
Callback[] callbacks = new Callback[] { new NameCallback("Username: "),
new PasswordCallback("Password: ", false) };

try {
} catch (Exception e) {
_succeeded = false;
throw new LoginException(e.getMessage());

String username = ((NameCallback) callbacks[0]).getName();
String password = new String(((PasswordCallback) callbacks[1]).getPassword());

if (isValidUser(username, password)) {

_succeeded = true;
_password = password.toCharArray();
_name = username;

_authPrincipals = new CMPrincipal[2];
_authPrincipals[0] = new CMPrincipal(_name);
_authPrincipals[1] = new CMPrincipal("SecurityRole");


((PasswordCallback) callbacks[1]).clearPassword();
callbacks[0] = null;
callbacks[1] = null;

if (!_succeeded) {
System.out.println("login did not succeed... throwing LoginException...");
throw new LoginException("Authentication failed: Password does not match");

return true;
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!