Integration Server 10.5 | Integration Server Administrator's Guide | Customizing Authentication Using JAAS | Writing a Custom JAAS Login Module for Integration Server | Implement Commit()
 
Implement Commit()
Depending on how the login context is configured, it is possible for more than one module to succeed with a different user name. Integration Server does not have a default mechanism to determine which course of action to take when multiple login modules succeed with different user names. To circumvent these situations, Integration Server login modules implement the following commit method:
public boolean commit() throws LoginException {
createUserPrincipal = "true";
super.commit();
return true;
}
Here, createUserPrincipal is a member variable in SagAbstractLoginModule. The method super.commit() refers to the commit() method in SagAbstractLoginModule. This commit() method retrieves the user name from the SagCredentials and creates a SagUserPrincipal only if there are no SagUserPrincipal objects in the Subject.
Your login module should implement the commit() method as shown above.
If more than one login module in IS_Transport succeeds, only the first module that invoked commit() creates the principal. Thus, once you have implemented commit(), you can arrange the order of the login modules in the JAAS configuration file to suit your needs. If there are multiple principals in the Subject, Integration Server takes the principal at index 0.
If JAAS is able to authenticate the user, JAAS returns a javax.security.auth.Subject. Integration Server adds this JAAS subject into the current session. You can retrieve the subject by making the following call:
com.wm.app.b2b.server.InvokeState.getCurrentSession().getCurrentJaasSubject()