|

»

»

Using Custom FromAuthenticator in Security Handler

View: New views

4 Messages — Rating Filter: Alert me

	Using Custom FromAuthenticator in Security Handler by vnamboo :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Hi, I am injecting my custom form authenticator class, which extends JETTY FormAuthenticator, to SecurityHandler using Spring. But I could see that my custom form authenticator's authenticate method is never triggered rather default FormAuthenticator is used. Please advice why it is happening.
	Re: Using Custom FromAuthenticator in Security Handler by florin.g :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message I've used a CustomLoginModule extending AbstractLoginModule with JAAS successfuly. See whether your jetty configuration files are updated to reflect the desired implementation. In my case I had to update the element <Set name="UserRealms"> in jetty-jaas.xml to match the web.xml security-constraints. Florin vnamboo wrote: Hi, I am injecting my custom form authenticator class, which extends JETTY FormAuthenticator, to SecurityHandler using Spring. But I could see that my custom form authenticator's authenticate method is never triggered rather default FormAuthenticator is used. Please advice why it is happening.
	Re: Using Custom FromAuthenticator in Security Handler by vnamboo :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message The issue was that the CustomFormAuthenticator I was injecting into the JETTY SecurityHandler was overwritten by WebXmlConfiguration class later in the initialization process. Instead it should have populated the web.xml's form-login-page and form-error-page values in the inject bean. I had to take a round about way to solve this by extending security handler and overriding setAuthenticator method and doing some trick there. Now it works!!! Here I am not using jetty configuration at all. I've used a CustomLoginModule extending AbstractLoginModule with JAAS successfuly. See whether your jetty configuration files are updated to reflect the desired implementation. In my case I had to update the element <Set name="UserRealms"> in jetty-jaas.xml to match the web.xml security-constraints. Florin vnamboo wrote: Hi, I am injecting my custom form authenticator class, which extends JETTY FormAuthenticator, to SecurityHandler using Spring. But I could see that my custom form authenticator's authenticate method is never triggered rather default FormAuthenticator is used. Please advice why it is happening.
	Re: Using Custom FromAuthenticator in Security Handler by cybr :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Would you provide a working code sample? Thanks. The issue was that the CustomFormAuthenticator I was injecting into the JETTY SecurityHandler was overwritten by WebXmlConfiguration class later in the initialization process. Instead it should have populated the web.xml's form-login-page and form-error-page values in the inject bean. I had to take a round about way to solve this by extending security handler and overriding setAuthenticator method and doing some trick there. Now it works!!! Here I am not using jetty configuration at all. florin.g wrote: I've used a CustomLoginModule extending AbstractLoginModule with JAAS successfuly. See whether your jetty configuration files are updated to reflect the desired implementation. In my case I had to update the element <Set name="UserRealms"> in jetty-jaas.xml to match the web.xml security-constraints. Florin vnamboo wrote: Hi, I am injecting my custom form authenticator class, which extends JETTY FormAuthenticator, to SecurityHandler using Spring. But I could see that my custom form authenticator's authenticate method is never triggered rather default FormAuthenticator is used. Please advice why it is happening.