Hello... I'm posting this here because I've already tried the OTN forum... any help is greatly appreciated...
I'm using a custom login module to authenticate users of a COTS
J2EE application. The authentication works like a charm, but the COTS app breaks because it uses request.getRemoteUser() to obtain the user name for database lookups.
When the custom login is in use, request.getRemoteUser() returns "[JAZNUserAdaptor: user=theuser]" instead of simply the user name (this differs from the standard XML provider, which returns only the user name).
I used the sample login module from the Oracle documentation almost verbatim, the method is included below.
Does anyone know why getRemoteUser() returns "[JAZNUserAdaptor: user=theuser]" and not just the user name? And how to make it stop doing that?
public boolean login() throws LoginException {
throw new LoginException("Error: no CallbackHandler available "
+ "to garner authentication information from the user");
// Setup default callback handlers.
Callback[] callbacks = new Callback[] { new NameCallback("Username: "),
new PasswordCallback("Password: ", false) };
try {
_callbackHandler.handle(callbacks);
} catch (Exception e) {
_succeeded = false;
throw new LoginException(e.getMessage());
}
String username = ((NameCallback) callbacks[0]).getName();
String password = new String(((PasswordCallback) callbacks[1]).getPassword());
if (isValidUser(username, password)) {
_succeeded = true;
_password = password.toCharArray();
_name = username;
_authPrincipals = new CMPrincipal[2];
_authPrincipals[0] = new CMPrincipal(_name);
_authPrincipals[1] = new CMPrincipal("SecurityRole");
}
((PasswordCallback) callbacks[1]).clearPassword();
callbacks[0] = null;
callbacks[1] = null;
if (!_succeeded) {
System.out.println("login did not succeed... throwing LoginException...");
throw new LoginException("Authentication failed: Password does not match");
}
return true;
}
