This link from sun's blog helped a ton but there were things I felt like left out that did not come to me easily. (Sun Blog Post) There are a few things to consider when creating your custom Realm and login module. The jar library appserv-rt.jar is not provided in any maven repository. So create a maven project and add the jar to the src/main/resources folder of the project and use the system to specify the path.
Add this dependency entry to your pom.xml file:
<dependency>
<groupId>com.sun</groupId>
<artifactId>appserv-rt</artifactId>
<scope>system</scope>
<version>9.1</version>
<systemPath>${basedir}/src/main/resources/appserv-rt.jar</systemPath>
</dependency>
Now that you have the dependency that you need you can create a new class that extends com.sun.appserv.security.AppservRealm. Override the init, getGroupNames, getAuthType. The init method should set up the webservice port needed to make a call. I included an authorization function that takes a username and password and calls the login function or throws a LoginException if it fails.
Next create a second class that extends com.sun.appserv.security.AppservPasswordLoginModule. Override the authenticateUser method. There are a few protected fields that are useful from this parent class including _logger, _username, _password, and _currentRealm. The username and password are what the user enters. the current Realm should be your custom Realm you created before so you may have some logic to verify it is an instance of the custom Realm and then Cast to the custom Realm. once Casted to the Realm then you I call the authorization function and pass it the username and password from the LoginModule and it returns a String[] of groups the user has available. These groups and can any names you want and at the end call commitUserAuthentication(groups).
Compile this jar and put the file in the glassfish/lib folder.
Then configure your domain/config/login.conf file and add something similar:
myCustomRealm {
com.package.path.to.CustomLoginModule required;
};
Reboot glassfish and then goto the admin control panel. Configuration->Security->Realms create New Realm. Name it mycustom-realm or what ever. Choose to enter your custom Realm class with the full package name to the class.
Then add an additional property
name = "jaas-context" and the
value = "myCustomRealm".
This value is the same as entered in the login.conf file.
Hopefully this helps anyone out there struggling like I was.
Here are some useful links that I referenced.
- http://docs.sun.com/app/docs/doc/820-4496/fvyme?a=view
- http://blogs.sun.com/nasradu8/entry/loginmodule_bridge_profile_jaspic_in
- http://blogs.sun.com/enterprisetechtips/entry/adding_authentication_mechanisms_to_the
- http://blogs.sun.com/foo/entry/mort_learns_jdbc_realm_authentication
- http://tamastarjanyi.blogspot.com/2008/10/glassfish-custom-login-module-and-realm.html
No comments:
Post a Comment