Skip to Content
0
Former Member
Jan 04, 2006 at 05:46 AM

SAP Login Module implementation vs Java recommendation

22 Views

Hi,

I am implementing a custom login module for authentication. The sample

code that is available at sdn and help.sap is a bit different from what

is recommended as the JAAS specification by Sun. Please refer to the

Sun's recommendation at

http://java.sun.com/j2se/1.4.2/docs/guide/security/jaas/JAASLMDevGuide.html and

http://java.sun.com/j2se/1.4.2/docs/guide/security/jaas/tutorials/SampleLoginModule.java

There are some marked differences in what is recommended by Sun and the

sample login module available at the sdn and help.sap site.

I am wondering if the Sun's recommendation is supported by SAP with

WebAS or should the login modules be on lines similar to the SAP's

sample login module.

Please let me know if someone can confirm on this or has any information on the same?

Typical recommendations from Sun which are not available in SAP's

sample login module implementations are mentioned below:

1. For the login() method, it is recommended that nothing be stored in

the shared state, where as sample login module stored username in the

shared state in the login() method. Perhaps this is required for use by

CreateTicketLoginModule

2. The return value of commit() method should be determined by the

return value of the login method, where as sample login module returns

a true even when the login() method has failed. Only in case of a login

exception (from callbacks) the commit returns false.

3. Similarly the return value of abort() method should be appropriately

determined by the return values of both login and commit methods.

Whereas the sample login module does not care about the return value of

commit() method

These are some of the examples. My question is that does SAP support

Sun's recommendation of JAAS login module to be used with WebAS or

should the Login MOdules be completely based upon the recommendations

as mentioned in the SAP's sample login module.

Looking forward to your response!

Thanks.