[jboss-user] [JBoss Seam] - Re: JAAS login with JBoss Seam
The Seam wiki contains an example (now outdated). Look under the Deprecated Old Stuff heading. http://www.jboss.com/wiki/Wiki.jsp?page=JBossSeam L View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4032341#4032341 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4032341 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: JAAS login with JBoss Seam
This approach worked for me before, but I was wondering if the identity component can be wired. Using the regular authentication / authorization module makes the seam identity component useless. I believe that one approach to benefit from the identity module is to write the LDAP authentication within the authenticate method and provide an XML configuration to make it more or less portable. I would like to get Gavin's feedback on that View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4032399#4032399 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4032399 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: JAAS login with JBoss Seam
It might be true now but I had configuration hell... | ?xml version=1.0 encoding=UTF-8? | !DOCTYPE jboss-web PUBLIC -//JBoss//DTD Web Application 2.3//EN http://www.jboss.org/j2ee/dtd/jboss-web_3_0.dtd; | | jboss-web | |security-domainjava:/jaas/fooSecurityPolicy/security-domain | |!-- Resource Environment References -- | |!-- Resource references -- | |!-- EJB References -- | | /jboss-web | | ?xml version='1.0'? | !DOCTYPE policy PUBLIC | -//JBoss//DTD JBOSS Security Config 3.0//EN | http://www.jboss.org/j2ee/dtd/security_config.dtd; | policy | application-policy name=fooSecurityPolicy | authentication | login-module code=org.jboss.security.auth.spi.DatabaseServerLoginModule flag=required | module-option name=dsJndiName | java:/fooDatasource | /module-option | module-option name=principalsQuery | SELECT password FROM user WHERE userId=?; | /module-option | module-option name=rolesQuery | SELECT role, 'Roles' FROM role r | INNER JOIN user u ON u.userID = r.userID | WHERE u.userId=? | /module-option | module-option name=ignorePasswordCasetrue/module-option | module-option name=hashCharsetUTF-8/module-option | module-option name=hashEncodinghex/module-option | module-option name=hashAlgorithmMD5/module-option | /login-module | /authentication | /application-policy | /policy | | ?xml version=1.0 encoding=UTF-8? | server | mbean code=org.jboss.security.auth.login.DynamicLoginConfig |name=foo:service=DynamicLoginConfig | attribute name=AuthConfigfoo-login-config.xml/attribute | depends optional-attribute-name=LoginConfigService | jboss.security:service=XMLLoginConfig | /depends | depends optional-attribute-name=SecurityManagerService | jboss.security:service=JaasSecurityManager | /depends | /mbean | /server | | security-constraint | web-resource-collection | web-resource-nameSecure Area/web-resource-name | descriptionSecurity for Protected Pages/description | url-pattern/secure/*/url-pattern | http-methodPOST/http-method | http-methodGET/http-method | /web-resource-collection | auth-constraint | descriptionOnly valid users can use the secure resources/description | role-namefooUser/role-name | /auth-constraint | user-data-constraint | transport-guaranteeNONE/transport-guarantee | /user-data-constraint | /security-constraint | | security-constraint | web-resource-collection | web-resource-nameAdmin Area/web-resource-name | descriptionAdministrator Protected Pages/description | url-pattern/admin/*/url-pattern | http-methodPOST/http-method | http-methodGET/http-method | /web-resource-collection | auth-constraint | descriptionOnly valid admin users can use the secure resources/description | role-namefooAdmin/role-name | /auth-constraint | user-data-constraint | transport-guaranteeNONE/transport-guarantee | /user-data-constraint | /security-constraint | | login-config | auth-methodFORM/auth-method | realm-namefooSecurityPolicy/realm-name | form-login-config | form-login-page/login.seam/form-login-page | form-error-page/loginError.seam/form-error-page | /form-login-config | /login-config | | security-role | descriptionAn foo system user/description | role-namefooUser/role-name | /security-role | | security-role | descriptionAn foo admin user/description | role-namefooAdmin/role-name | /security-role | | | ejb-jar |security-domainjava:/jaas/fooSecurityPolicy/security-domain |assembly-descriptor | interceptor-binding | ejb-name*/ejb-name | interceptor-classorg.jboss.seam.ejb.SeamInterceptor/interceptor-class | /interceptor-binding |/assembly-descriptor | /ejb-jar | | jboss-app |