O'Reilly logo

Securing WebLogic Server 12c by Rinaldi Vincenzo, Luca Masini

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Custom JAAS LoginModule

Fortunately, LoginModule uses a standard JAAS API and as such is well documented in many books and on the Internet. Here, we will write the simplest LoginModule that solves our problem of validating the principals over a legacy external SSO system using the HTTP protocol. As a didactical support, we will also write in the log when the Security Services container will call our method so that we can figure out when and how many times they are called.

Keep in mind that LoginModule is a stateful Bean; it must retain configuration data when it is initialized, and from the login callback state to the commit state (or abort or whatever) it must keep the state to answer in a correct and expected way.

Let's start with the definition; ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required