-
FEATURED COMPONENTS
First time here? Check out the FAQ!
Hi,
I have spent some time trying to find the best solution how to make a ZK login form for the JAAS on JBoss server. Finally, I have found the org.jboss.web.tomcat.security.login.WebAuthentication class, see http://roneiv.wordpress.com/2008/03/15/using-webauthentication-in-jboss/.
To make it work, one has to put into zk.xml:
<system-config> <disable-event-thread /> </system-config>
then just make a normal ZK form (e.g. /public/login.zul), with a button
<button label="Login"> <attribute name="onClick"> org.jboss.web.tomcat.security.login.WebAuthentication webAuthentication = new org.jboss.web.tomcat.security.login.WebAuthentication(); if (webAuthentication.login(tbusername.getValue(), tbpassword.getValue())) { // LOGIN SUCCESS Executions.sendRedirect((String)requestScope.get("referer")); } else { // LOGIN FAILED } </attribute> </button>
and then you can use JAAS security and form login in web.xml:
<login-config> <auth-method>FORM</auth-method> <realm-name>Blue Tiger</realm-name> <form-login-config> <form-login-page>/public/login.zul</form-login-page> <form-error-page>/public/login.zul</form-error-page> </form-login-config> </login-config>
The URL patterns '/public/login.zul' and '/zkau/*' must stay unprotected web.xml.
If you like, I can make some small talk about it, including a set up for the database login, session bean security and JPA/Hibernate entities.
xmedeko,
That would be great! I think the community would love to see how to handle the ZK and JAAS on JBoss. You can just go ahead :)
I will make a two talks, the first one about the plain form login
http://docs.zkoss.org/wiki/Form_Based_Login_with_JAAS_on_JBoss_and_ZK
and the second one using WebAuthentication:
http://docs.zkoss.org/wiki/Ajax_and_ZK_Based_Login_with_JAAS_on_JBoss
Asked: 2009-08-06 10:28:08 +0800
Seen: 1,048 times
Last updated: Aug 11 '09