I was pointed to the following blog entry by a JBoss user that talks about the painful journey experienced by the user with various versions of JBoss until we added the very useful feature of Programmatic Web Login.
The blog entry from the user is:
Perform a JAAS programmatic login in Jboss - try to solve the “empty” remote user problem
I am all for having an active dialog with JBoss users in the blogosphere.
I invite users to subscribe to the "JBoss Security Beta Program" mailing list which is accessible at the Red Hat mailing lists here. This is a moderated no-spam mailing list, which provides an excellent communication platform between JBoss and its users (as far as security is concerned).
Thank you for interest in my post. But yes, I was very pleased that this feature was added, having struggled with different login-cases for some time the WebAuthentication class was really a relief when I discovered it. :)
I don't know who updates what on the jboss wiki pages, but in most cases when I searched for jboss and programmatic login I ended up at the SequrityFAQ (http://wiki.jboss.org/wiki/Wiki.jsp?page=SecurityFAQ). Reading Q21 there you get no clues that this feature exists, and I actually discovered the WebAuthentication by chance. (Even if I now know that there is a wiki page about it under JbossSX). So perhaps it could be a good idea to update the securityFaq page a bit to help other users struggling with the same problem. :)
Thank you again for a nice feature!
Post a Comment