OpenAM : Can't login with custom authentication module

2k views Asked by At

I developed a custom authentication module by following the example and installed into top level realm. OpenAM 11.0.0.

enter image description here

Then I open the test page for my auth module. enter image description here

The login fails with the error "Login/password combination is invalid."

However, if I open /openam after seeing this error message, it says I am logged-in.

enter image description here

Here is the process code of the AMLoginModule

public int process(Callback[] callbacks, int state) throws LoginException
{

    if (debug.messageEnabled())
    {
        debug.message("Authentication module process() is called. state: " + state);
    }


    switch (state)
    {

        case STATE_BEGIN:
        // No time wasted here - simply modify the UI and
        // proceed to next state
        substituteUIStrings();
        return STATE_AUTH;

        case STATE_AUTH:
        return ISAuthConstants.LOGIN_SUCCEED;

        case STATE_ERROR:
        return STATE_ERROR;
        default:
        throw new AuthLoginException("invalid state");

    }

}

You can see any username / password is accepted. The debug log shows that the module is called correctly.

[root@a3652f4b6f0f debug]# tail /openam/openam/debug/em 
em:06/15/2015 06:58:20:462 AM UTC: Thread[http-bio-8080-exec-4,5,main]
Authentication module process() is called. state: 1
em:06/15/2015 06:58:20:540 AM UTC: Thread[http-bio-8080-exec-4,5,main]
Authentication module process() is called. state: 2
em:06/15/2015 06:58:27:501 AM UTC: Thread[http-bio-8080-exec-4,5,main]
Authentication module init() is called
em:06/15/2015 06:58:27:507 AM UTC: Thread[http-bio-8080-exec-4,5,main]
Authentication module process() is called. state: 1
em:06/15/2015 06:58:27:625 AM UTC: Thread[http-bio-8080-exec-4,5,main]
Authentication module process() is called. state: 2

Please why do I see the error "Login/password combination is invalid." in test login page?

1

There are 1 answers

0
Vaseph On BEST ANSWER

The problem is that you don't have user profile to login. You need to have the username in your datastore which you pass to SampleAuthPrincipal("username") constructor .

@Override
public Principal getPrincipal() {
    return new SampleAuthPrincipal("username");
}

This should resolve your problem.