[JBoss-user] [Security JAAS/JBoss] - Re: Help needed in getting support for https in JBOSS
HI j2ee_junkie I have created sample struts application with login page and display page when i submit To switch from http to https that is i should be able to access the login page with http but when i give submit it should go into secure mode and the next page should be displayd As per your instructions i made changes in web.xml file to include security-constraint web-resource-collection web-resource-nameSample Application/web-resource-name Require users to authenticate url-pattern*.do/url-pattern http-methodPOST/http-method http-methodGET/http-method /web-resource-collection auth-constraint Only allow Authenticated_users role role-nameTEST_ROLE_NAME/role-name /auth-constraint user-data-constraint Encryption is not required for the application in general. transport-guaranteeCONFIDENTIAL/transport-guarantee /user-data-constraint /security-constraint security-role role-nameTEST_ROLE_NAME/role-name /security-role login-config auth-methodBASIC/auth-method realm-nameTEST_REALM_NAME/realm-name /login-config i created users.properties and roles.properties in conf directory to include appropriate parameters now when i try to go to http://localhost:8080/Struts4 i do get the login page but when i go for submit i get authenctication dialog asking for username and password for TEST_REALM_NAME and when i give the correct parameters authentication happens properly and i again go to the first page i.e the login page only differnce now is it the same login page but with https:// but the what the real requirementa of mine are 1. when i first open the login page in http:// and i submit the login credential( jsp page) and give the submit button i should go into secure mode and should go to the next page ie it should have https in the url 2. I should not get any authentication dialog(TEST_REAL_NAME) asking for username and password , directly i should go to the next page when i give the submit button .i.e there should not come any authenticaion dialog while switching from http to https J2ee_junkie can u give me any idea regarding this appreciate your response in this regard Thanks BHanu View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=3951449#3951449 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=3951449 ___ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security JAAS/JBoss] - Re: Help needed in getting support for https in JBOSS
Bhanu, As I mentioned above. Please lets just stick to the topic of this thread. That topic is getting SSL working. Have you got SSL configured and working? Submit the other problems you have encounterd in a new thread. I just want to make sure each problem gets fixed before we move on to others. Thanks cgriffith View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=3951483#3951483 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=3951483 ___ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security JAAS/JBoss] - Re: Help needed in getting support for https in JBOSS
HI J2ee_junkie i followed your instruction i made a simple struts applicatioon for login i edited the web.xml file to include user-data-constraint and transport-guarantee but when i start the browser with http://localhost:8080/Struts4 the login page does get opened but when i submit then it goes into https but i get this error HTTP Status 403 - Configuration error: Cannot perform access control without an authenticated principal type Status report message Configuration error: Cannot perform access control without an authenticated principal description Access to the specified resource (Configuration error: Cannot perform access control without an authenticated principal) has been forbidden. Could you please tell me how to proceed Thanks Bhanu View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=3951260#3951260 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=3951260 ___ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security JAAS/JBoss] - Re: Help needed in getting support for https in JBOSS
Bhanu, First verify if you have SSL setup and running. That is what this thread was for. The troubles you are most recently describing deal with configuring container managed authentication. In that case, review the server guide at http://docs.jboss.org/jbossas/jboss4guide/r4/html/[/url], JBosssx wiki at [url]http://wiki.jboss.org/wiki/Wiki.jsp?page=JBossSX, and this forum for detials on how to configure CMA. If you still have problems, post a new thread. Just want to see one problem fixed at a time. Thanks, and good luck, cgriffith View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=3951281#3951281 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=3951281 ___ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security JAAS/JBoss] - Re: Help needed in getting support for https in JBOSS
Bhanu, That is what the user-data-constraint/transport-garentee elements of the web.xml are for. Set your first page to require CONFIDENTIAL user-data-constraint, and all others NONE. Then (not 100% on this) make sure not to request https:// in a link. I think once you request a secured transport, you have to explicitly request non-secured to get out. See if that helps, and let us know. cgriffith View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=3950835#3950835 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=3950835 ___ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security JAAS/JBoss] - Re: Help needed in getting support for https in JBOSS
Hi all Could anybody please tell me how to get http only for the first page and https for all other pages for example for login page it should be only http and once i login all the other pages should be accesible only through https Thanks Bhanu View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=3950778#3950778 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=3950778 ___ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security JAAS/JBoss] - Re: Help needed in getting support for https in JBOSS
Hi Satyaprasant Could you please tell me the steps how you did this iam totally new to this and though i was able to generate the keystore and the path was clearly metioned in server.xml but still the http://localhost:8443 doesnt work Please can you help me Thanks Bhanu View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=3950280#3950280 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=3950280 ___ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security JAAS/JBoss] - Re: Help needed in getting support for https in JBOSS
Eureka! I finally got what i wanted Thanks all for your help particularly Tefron Regards Bhanu View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=3950284#3950284 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=3950284 ___ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security JAAS/JBoss] - Re: Help needed in getting support for https in JBOSS
do you have the keystore file all setup correctlly? View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=3950123#3950123 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=3950123 ___ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security JAAS/JBoss] - Re: Help needed in getting support for https in JBOSS
Hi Tefron Could you please let me know about this keystore stuff and anything which i need to work with this. as i am totally unaware of this. Thanks and Regards Bhanu View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=3950129#3950129 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=3950129 ___ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security JAAS/JBoss] - Re: Help needed in getting support for https in JBOSS
See chapter 8.7 in the jboss admin manuel: 8.7 Using SSL with JBoss using JSSE JBoss uses JSEE, the Java Secure Socket Extension (JSSE), for SSL. JSSE is bundled with JDK 1.4. To get started Security on JBoss JBoss Release 4 311 with JSSE you need a public key/private key pair in the form of an X509 certificate for use by the SSL server sockets. For the purpose of this example we have created a self-signed certificate using the JDK keytool and included the resulting keystore file in the chap8 source directory as chap8.keystore. It was created using the following command and input: keytool -genkey -keystore chap8.keystore -storepass rmi+ssl -keypass rmi+ssl -keyalg RSA -alias chapter .. Make sure that your generated keystore file in the location that you specify in the server.xml and that you have the correct password that was used to generate the file. good luck. View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=3950131#3950131 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=3950131 ___ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security JAAS/JBoss] - Re: Help needed in getting support for https in JBOSS
I have a similar problem. I have set up all the certification stores properly. Because when i hit run.bat, my application runs fine. After setting up Jboss Eclipse IDE, i started using the shortcut button with the same Jboss instance as target and somehow it is unable to find the certificate store that is sitting right there in the default configuration folder ! I wonder what went wrong ! View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=3950190#3950190 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=3950190 ___ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security JAAS/JBoss] - Re: Help needed in getting support for https in JBOSS
Ok ... i got it ! The JBoss plugin is not pointing to the JDK directly. It is using JRE. So, when i placed my certificate store inside Jdk1.5/Jre1.5/lib/security folder, the plugin was unable to find it in the Jre1.5/lib/security folder ! When i placed it in the second place tooo , it worked ! basically when i installed java, it created two folders C:\Java\Jdk1.5.02 and C:\Java\Jre1.5.02, and also there was a JRE inside the JDK folder ! Bottom line, whereever in your system you find a JRE folder put your security certificate store in its security folder ;) View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=3950197#3950197 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=3950197 ___ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security JAAS/JBoss] - Re: Help needed in getting support for https in JBOSS
Hi, yes i did edit the server.xml in tomcat.sar and uncommented the said lines for SSL TLS connector but even after that i dont get the page i look for i gave https://localhost:8443 but in vain please can you me details or steps to bring support for https iam struggling for long time Please please somebody help me out Regards Bhanu View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=3949824#3949824 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=3949824 ___ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security JAAS/JBoss] - Re: Help needed in getting support for https in JBOSS
Does http://localhost:8080 works for you? View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=3949881#3949881 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=3949881 ___ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security JAAS/JBoss] - Re: Help needed in getting support for https in JBOSS
yes http works for me but not the https and as mentioned earlier i have uncommented the lines but in vain. Can you please tell any body else whom i can approach as this issues has become like thorn in flesh for me... please anybody Regards Bhanu View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=3950037#3950037 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=3950037 ___ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security JAAS/JBoss] - Re: Help needed in getting support for https in JBOSS
edit: \jboss-4.0.4.GA\server\default\deploy\jbossweb-tomcat55.sar\server.xml uncomment the following: !-- SSL/TLS Connector configuration using the admin devl guide keystore -- and then access through https://localhost:8443 good luck. View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=3949606#3949606 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=3949606 ___ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user