Is it possible to show a custom error message in a custom login module with JAAS in EAP 7.2?

Latest response

Does the solution described on https://access.redhat.com/solutions/3190602 still work with EAP 7.2? How do you get error from out of the error page?

I am working on upgrading from Jboss 5.1 to 7.2 and when the LoginModule throw a javax.security.auth.login.LoginException it is going to Form error page. The JSP is checking for error but is null.

E.g.
// 5.1 excp was instance of LoginException, but is null.
Exception ex = (Exception) session.getAttribute("j_exception");

I also tried...
Exception ex = (Exception) request.getAttribute("javax.servlet.error.exception");

Could not find anything in session or request with the error.

In Web.xml:

    <login-config>
        <auth-method>FORM</auth-method>
        <form-login-config>
            <form-login-page>/login/login_tile.jsf</form-login-page>
            <form-error-page>/login/error.jsp</form-error-page>
        </form-login-config>
    </login-config>

In Jboss-web.xml:

<jboss-web>
    <security-domain>java:/jaas/cp-netmark</security-domain>
    <context-root>mydomain</context-root>
    <valve>
        <class-name>org.jboss.as.web.security.ExtendedFormAuthenticator</class-name>
    </valve>    
</jboss-web>

In standalone-full.xml:

 <security-domain name="cp-mydomain" cache-type="default">
    <authentication>
        <login-module code="bls.security.NMLoginModule" flag="required">
            <module-option name="loginFailureLimit" value="3"/>
            <module-option name="passwordExpireDays" value="60"/>
        </login-module>
        <login-module code="org.jboss.security.auth.spi.RoleMappingLoginModule" flag="optional">
            <module-option name="rolesProperties" value="META-INF/roles.properties"/>
            <module-option name="replaceRole" value="true"/>
            <module-option name="jboss.security.security_domain" value="cp-mydomain"/>
            <module-option name="password-stacking" value="useFirstPass"/>
        </login-module>
    </authentication>
</security-domain>

Context.xml:

<Context cookies="true" crossContext="true">
    <Valve className="org.jboss.web.tomcat.security.ExtendedFormAuthenticator"
        includePassword="false" />
</Context>

I read that the Context.xml is not longer used, and to put in jboss-xml

I tried:

    <valve>
       <class-name>org.jboss.as.web.security.ExtendedFormAuthenticator</class-name>
       <param>
           <param-name>includePassword</param-name>
           <param-value>false</param-value>
       </param>        
    </valve>

Where is the ExtendedFormAuthenticator class to use?

FF

Responses