Uploaded image for project: 'Application Server 3  4  5 and 6'
  1. Application Server 3 4 5 and 6
  2. JBAS-2352

Enhance FORM based authentication to allow for transparent auth, error messages

    Details

    • Type: Feature Request
    • Status: Closed (View Workflow)
    • Priority: Major
    • Resolution: Out of Date
    • Affects Version/s: JBossAS-4.0.3 Final
    • Fix Version/s: No Release
    • Component/s: Web (Tomcat) service
    • Labels:
      None
    • Environment:

      All

      Description

      Presently FORM based authentication does not allow developers to provide common functionality such as 'remember me' cookies, transparent authentication (from request attributes), and login failure error messages (somewhat addressed by ExtendedFormAuthenticator)

      These can be accomplished by extending the existing functionality (FormAuthenticator); unfortunately, the FormAuthenticator that ships w/ JBoss 4.0.3 does not have the necessary hooks for this.

      The attached code (auth.zip) demonstrates how we accomplished this; the primary change is in BaseCustomFormAuthenticator, with the addition of:

      1) getUserCredentials method that looks for user credentials in the request (remember me cookie, IP address, query string, etc.)
      2) getCredentialsFromFormFields that pulls credentials from j_username and j_password - can be extended to pull other attributes as well
      3) Addition of onFailedAuthentication hook to allow for inserting authentication exceptions into request scope
      4) Addition of inlineAuthentication flag (set if credentials are found in request) to prevent restoring original request (in the case of inline auth, this is the original request)

      The default implementation matches existing behaviour; see ChoicesFormAuthenticator for an example of how behaviour can be extended.

        Gliffy Diagrams

          Attachments

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                clee.bridges.com Chris Lee
              • Votes:
                4 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: