Hi,
I am trying to write an application with the following characteristics:
1. The Session Beans are secured using annotation @SecurityDomain("library")
2. I have written a custom login module which derives from
org.jboss.security.auth.spi.UsernamePasswordLoginModule. The login module sar
is deployed with the following META-INF/jboss-service.xml configuration:
| <?xml version="1.0" encoding="UTF-8"?>
| <server>
| <mbean code="org.jboss.security.auth.login.DynamicLoginConfig"
| name="ejb3:service=LibraryJAASService">
| <attribute name="AuthConfig">login-config.xml</attribute>
| <depends optional-attribute-name="LoginConfigService">
| jboss.security:service=XMLLoginConfig
| </depends>
| <depends optional-attribute-name="SecurityManagerService">
| jboss.security:service=JaasSecurityManager
| </depends>
| </mbean>
| </server>
|
The META-INF/login-cofig.xml file in the SAR is
| <!--
| the file will go into SAR
| -->
| <application-policy name="library">
| <authentication>
| <login-module code="org.vss.security.auth.spi.VssLoginModule"
flag="required"/>
| </authentication>
| </application-policy>
|
I don't want to modify the default conf/login-config.xml to add my security
domain module and am using the SAR file for it.
3. The web application has the ClientLoginModule configured properly and is
getting called.
However when I try to access the Session Beans from my web-tier, it throws the
following exception
| ERROR [UsersRolesLoginModule] Failed to load users/passwords/role files
| java.io.IOException: No properties file: users.properties or defaults:
defaultUsers.properties found
|
which points to the fact that the custom login module that I am trying to use
is not being used for the EJB tier security.
Can someone help me with pointing out what I should be doing to have my custom
login module called [if possible without having to modify the
$JBOSS_HOME/<>/conf/login-config.xml configuration file and preferably using
the SAR deployment to configure a new security domain.
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3916440#3916440
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3916440
-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems? Stop! Download the new AJAX search engine that makes
searching your log files as easy as surfing the web. DOWNLOAD SPLUNK!
http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click
_______________________________________________
JBoss-user mailing list
JBoss-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/jboss-user
