I want to  create a credential using the user's username and password, which
is supposed to be done just after the user enter his / her username and
password at the login page. But the problem is I don't know where the login
page is placed, do anyone know? Or is there any alternate solution?

[ Post a follow-up to this message ]

Thank you for your advise. I have already read the documents, but I still
have some problems.

The way that is suggested to customize the login mechanism now is to
subclass a Java class that the login page call, right? But how can I create
a credential in a pure Java class? From my knowledge, creating a credential
involves the using of some portlet methods / objects, e.g. getPortletConfig,
PortletRequest, etc. How can we create a credential in a Java class, without
having a Portlet? How can you "insert the login credentials the user enters
on the login page into a credential vault slot"?


"Florian Racky" <florian.racky@techem.de> ¦b¶l¥ó
news:cjgpkb$6qv0$1@news.boulder.ibm.com ¤¤¼¶¼g...
> Hi,
> 
solution?[vbcol=seagreen]
>
> Our portal server installation authenticates with an ldap directory. As
many other applications are using the same directory for authentication we
decided to insert the login credentials the user enters on the login page
into a credential vault slot and make them available for other application's
sso. The benefit of this is that the user has not to care about the stored
credentials at all (no initial creation, no trouble after a password
change).
>
> You can do changes in the so called post authentication phase of the
portal login. You wil find more information in:
http://www-1.ibm.com/support/docvie...id=swg21104482.
>
> Flo
>
>
>

[ Post a follow-up to this message ]

"Florian Racky" <florian.racky@techem.de> ¦b¶l¥ó
news:cjtd1a$6r00$1@news.boulder.ibm.com ¤¤¼¶¼g...
> Hi,
> 
>
> Yes, you need to subclass LoginUserAuth and override doPreAuthentication
for everything that should happen before the authentication is done and
doPostAuthentication for everything that should take place after the user is
authenticated. As you know the authenticated users login and password in
post authentication phase, you can easily put it into a cv slot.
> 
credential[vbcol=seagreen] 
getPortletConfig,[vbcol=seagreen] 
>
> The credential vault slot thing is nothing more than a database table with
base64 encoded passwords. As far as I remember the table contains at least
columns for the login and password for your application (base64 encoded),
the distinguished name (identifies the portal user) and a ressource id that
identifies the cv slot. In our case we are using a jdbc connection to insert
or update the database and a ldap search to get the user's distinguished
name by his portal login (this is actually done in pre authentication for
some other reasons).

Where is  the "database table"? Is it something that can be customized or it
has some well known information (e.g. port number)? Can you give me some
more information on how to make the connection / retrieve credential
information? Thank you!

>
> Flo

[ Post a follow-up to this message ]