Unable to bypass useFirstPass module option in the custom login module
Issue
- When using
picketbox useFirstPass
, why does the last line of this method inorg.jboss.security.auth.spi.AbstractServerLoginModule
of picketbox jar return false?
public boolean login() throws LoginException
{
PicketBoxLogger.LOGGER.traceBeginLogin();
loginOk = false;
// If useFirstPass is true, look for the shared password
if( useFirstPass == true )
{
try
{
Object identity = sharedState.get("javax.security.auth.login.name");
Object credential = sharedState.get("javax.security.auth.login.password");
if( identity != null && credential != null )
{
loginOk = true;
return true;
}
// Else, fall through and perform the login
}
catch(Exception e)
{ // Dump the exception and continue
PicketBoxLogger.LOGGER.debugFailedLogin(e);
}
}
return false;
}
- The result is always
"false"
on bypassinguseFirstPass
.
Environment
- Red Hat JBoss Enterprise Application Platform (EAP)
- 6.3.0
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.