Question

I was wondering if it was possible to have a Java EE application with multiple JAAS security realms. I m currently developing an application in which some users need to be authenticated with data stored in a database, while other users need to be authenticated through an LDAP bind.

So I created 2 security realms in glassfish 3.1, a JDBC realm and an LDAP realm and configured my web.xml to use the LDAP realm (most users are LDAP).

I then use :

  HttpServletRequest request = (HttpServletRequest) context.getExternalContext().getRequest();
  request.login(username, password);

to authenticate user

is it possible to switch to JDBC realm before calling request.login ?

thanks in advance

Answer 1

Have you seen this?

Cross-Domain Single Sign-On Authentication with JAAS http://www.devx.com/security/Article/28849/1954

Answer 2

I have seen somewhere that you can configure to use two realms or two methods in one realm, that if the first fails it will try the second. I dont know where I saw it sorry. Perhaps that will point you in the right direction.

Answer 3

You must program your custom JAAS login module that try authenticate in method and if is not work try method B.

In you application is transparently all works in the JAAS login module.

友情链接