Integration of a JAAS login moduleIntegration of a JAAS login modulehttps://liferay.dev/en/c/message_boards/find_thread?p_l_id=119785333&threadId=362302024-03-29T09:07:28Z2024-03-29T09:07:28ZIntegration of a JAAS login moduleThoemmi Thoemmihttps://liferay.dev/en/c/message_boards/find_message?p_l_id=119785333&messageId=362422004-09-06T08:03:06Z2004-09-06T08:03:06ZHi Brian,<br /><br />if I understand you correctly, there&#39;s no way to add our own JAAS module without patching Liferay&#39;s sources? At least I don&#39;t see a chance to make our module <i>required</i> instead of <i>sufficient</i>.<br /><br />Best regards,<br />ThomasThoemmi Thoemmi2004-09-06T08:03:06ZIntegration of a JAAS login moduleBrian Chanhttps://liferay.dev/en/c/message_boards/find_message?p_l_id=119785333&messageId=362402004-09-03T15:18:00Z2004-09-03T15:18:00ZThat&#39;s because on startup of the app server, we have a hook that implements our own Configuration. We do this to make it so Liferay&#39;s JAAS can work on other app servers with minimal JAAS configuration.<br /><br />See com.liferay.portal.events.InitAction<br /><br />Others have modified this class to do exactly what you mentioned. I still wouldn&#39;t recommend it as it would make upgrading Liferay versions in the future very difficult.<br /><br />It would be better to just implement your own Liferay Authentication class. The reason is, even if you do authenticate a user, unless an entry in the db exists for that user, he won&#39;t be able to login. This is why we always force you to go through our authenticator first.<br /><br />See<br /><br /><a href='http://www.liferay.com/documentation/development_authentication.jsp' target='_blank'>http://www.liferay.com/documentation/devel...hentication.jsp</a><br /><br />Also, users can login unix style or email style (bchan or as bchan@liferay.com). This is all taken care of in our authenticators. You&#39;d lose that if you were to use just JAAS (although some companies have taken this route).<br />Brian Chan2004-09-03T15:18:00ZIntegration of a JAAS login moduleThoemmi Thoemmihttps://liferay.dev/en/c/message_boards/find_message?p_l_id=119785333&messageId=362382004-09-03T14:12:08Z2004-09-03T14:12:08ZWe have our own login module dervied from javax.security.auth.spi.LoginModule. Though we have changed the config files as I described above, and set our module to be <i>required</i>, Liferay changes it to <i>sufficient</i>. So even if our login fails, the user is still authenticated by the standard Liferay module.Thoemmi Thoemmi2004-09-03T14:12:08ZIntegration of a JAAS login moduleMichael Younghttps://liferay.dev/en/c/message_boards/find_message?p_l_id=119785333&messageId=362362004-09-03T14:08:20Z2004-09-03T14:08:20ZHmm, looks like you have taken the right steps. If you&#39;re not writing Liferay specific code, then you&#39;re probably writing JBOSS speicific code because they force you to extend from their login modules. Can you give more detail on your implementation.Michael Young2004-09-03T14:08:20ZIntegration of a JAAS login moduleThoemmi Thoemmihttps://liferay.dev/en/c/message_boards/find_message?p_l_id=119785333&messageId=362342004-09-03T10:09:06Z2004-09-03T10:09:06ZI&#39;ve forgotten to mention that we want to avoid writing Liferay specific code, but try to keep our code as generic as possible.<br /><br />Regards,<br />ThomasThoemmi Thoemmi2004-09-03T10:09:06ZIntegration of a JAAS login moduleThoemmi Thoemmihttps://liferay.dev/en/c/message_boards/find_message?p_l_id=119785333&messageId=362292004-09-03T09:39:13Z2004-09-03T09:39:13ZHi all,<br /><br />I&#39;m trying to add my own JAAS login module to Liferay, more specific in the JBoss/Tomcat distribution. However, it won&#39;t work properly. Any hints how to do it? Here&#39;s what I&#39;ve done till now:<ul><li>I&#39;ve put my login module jar in <i>JBOSS/server/default/lib</i>.</li><li>In <i>JBOSS/server/conf/login-config.xml</i> I&#39;ve added an application policy with the name <i>MyRealm</i> and the code tag pointint to my login module.</li><li>In <i>JBOSS/server/default/deploy/ext.ear/portal-ejb.jar/META-INF/jboss.xml</i> I&#39;ve changed the security domain to <i>java:/jaas/MyRealm</i>.</li><li>In <i>JBOSS/server/default/deploy/ext.ear/portal-web-complete.war/WEB_INF/web.xml</i> I changed the login-config&#39;s realm-name to <i>MyRealm</i>. </li><li>