Hi
Sure, here it is:
foo.ear
datasource.sar
security.sar
foo.war
foo.jar
where security.sar looks like:
security.sar
Meta-inf
Manifest
jboss-service.xml
login-config.xml
where jboss-service.xml contains:
<server>
<mbean code="com.acme.mbean.security.SecurityConfig"
name="acme:service=AcmeSecurityLoginConfig">
<attribute name="AuthConfig">META-INF/login-config.xml</attribute>
<attribute
name="SecurityConfigName">jboss.security:name=SecurityConfig</attribute>
</mbean>
</server>
and login-config.xml contains:
<policy>
<application-policy name = "AcmeRealm">
<authentication>
<login-module code =
"org.jboss.security.auth.spi.DatabaseServerLoginModule" flag = "required">
<module-option name = "dsJndiName">java:/AcmeDS</module-option>
<module-option name = "principalsQuery">sql select password
string</module-option>
<module-option name = "rolesQuery">sql select role
string</module-option>
</login-module>
</authentication>
</application-policy>
</policy>
and finally the source for the mbean com.acme.mbean.security.SecurityConfig
This the implementation: SecurityConfig.java
package com.acme.mbean.security;
import java.net.URL;
import java.util.Hashtable;
import javax.management.MBeanServer;
import javax.management.ObjectName;
import org.jboss.security.auth.login.XMLLoginConfig;
import org.jboss.system.ServiceMBeanSupport;
/**
* A security config mbean that loads an xml login configuration and
* pushes a XMLLoginConfig instance onto the the config stack managed by
* the SecurityConfigName mbean(default=jboss.security:name=SecurityConfig).
*
**/
public class SecurityConfig extends ServiceMBeanSupport
implements com.netmill.dmmbase.mbean.security.SecurityConfigMBean
{
// Constants -----------------------------------------------------
// Attributes ----------------------------------------------------
private String authConf = "login-config.xml";
private XMLLoginConfig config = null;
private ObjectName mainSecurityConfig;
// Static --------------------------------------------------------
// Constructors --------------------------------------------------
public SecurityConfig()
{
setSecurityConfigName("jboss.security:name=SecurityConfig");
}
// Public --------------------------------------------------------
/**
* Get the name
**/
public String getName()
{
return "JAAS Login Config";
}
/**
* Get securityConfigName
**/
public String getSecurityConfigName()
{
return mainSecurityConfig.toString();
}
/**
* Set securityConfigName
**/
public void setSecurityConfigName(String objectName)
{
try
{
mainSecurityConfig = new ObjectName(objectName);
}
catch(Exception e)
{
log.error("Failed to create ObjectName", e);
}
}
/**
* Get the resource path to the JAAS login configuration file to use.
**/
public String getAuthConfig()
{
return authConf;
}
/**
* Set the resource path to the JAAS login configuration file to use.
* The default is "login-config.xml".
**/
public void setAuthConfig(String authConf)
{
this.authConf = authConf;
}
// Protected --------------------------------------------------------
/**
* Start the service.
**/
protected void startService() throws Exception
{
// Look for the authConf as resource
ClassLoader loader = Thread.currentThread().getContextClassLoader();
URL loginConfig = loader.getResource(authConf);
if( loginConfig != null )
{
String securityConfigName = "AcmeConfig";
log.info("Using securityConfigName: '"+securityConfigName+"'");
log.info("Using JAAS AuthConfig: "+loginConfig.toExternalForm());
config = new XMLLoginConfig();
config.setConfigURL(loginConfig);
config.start();
MBeanServer server = super.getServer();
ObjectName name = super.getServiceName();
Hashtable props = name.getKeyPropertyList();
props.put(securityConfigName, "XMLLoginConfig");
name = new ObjectName(name.getDomain(), props);
server.registerMBean(config, name);
Object[] args = {name.toString()};
String[] sig = {String.class.getName()};
server.invoke(mainSecurityConfig, "pushLoginConfig", args, sig);
}
else
{
log.warn("No AuthConfig resource found");
}
}
/**
* Stop the service.
**/
protected void stopService() throws Exception
{
String securityConfigName = "AcmeConfig";
log.info("Using securityConfigName: '"+securityConfigName+"'");
MBeanServer server = super.getServer();
ObjectName name = super.getServiceName();
Hashtable props = name.getKeyPropertyList();
props.put(securityConfigName, "XMLLoginConfig");
name = new ObjectName(name.getDomain(), props);
Object[] args = {};
String[] sig = {};
server.invoke(mainSecurityConfig, "popLoginConfig", args, sig);
server.unregisterMBean(name);
}
}
and the interface: SecurityConfigMBean.java
package com.acme.mbean.security;
import org.jboss.system.ServiceMBean;
/**
* An mbean interface for a config service that pushes an xml based
* javax.security.auth.login.Configuration onto the config stack managed by
* the mbean whose name is given by the SecurityConfigName attribute.
*
**/
public interface SecurityConfigMBean extends ServiceMBean
{
/**
* Get the classpath resource name of the security configuration file
**/
public String getAuthConfig();
/**
* Set the classpath resource name of the security configuration file
**/
public void setAuthConfig(String configURL);
/**
* Get the name of the SecurityConfig mbean whose pushLoginConfig and
* popLoginConfig ops will be used to install and remove the xml login
config
**/
public String getSecurityConfigName();
/**
* Set the name of the SecurityConfig mbean whose pushLoginConfig and
* popLoginConfig ops will be used to install and remove the xml login
config
**/
public void setSecurityConfigName(String objectName);
}
The above will work for jBoss 3.0.x if you are using 3.20RC2 you have to
change the line :
<attribute
name="SecurityConfigName">jboss.security:name=SecurityConfig</attribute>
in jboss-service.xml, to :
<attribute
name="SecurityConfigName">jboss.security:service=SecurityConfig</attribute>
Thats it....
BR
Terp
-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user
