[JBoss-user] JAAS,Setting alternate Security domain
Title: JAAS,Setting alternate Security domain Hi all , I have set up a security domain in login-config.xml as application-policy name = Test authentication login-module code = org.jboss.security.auth.spi.UsersRolesLoginModule flag = required / /authentication /application-policy To apply this to EJB my jboss.xml looks like this ?xml version=1.0 encoding=UTF-8? jboss !-- All bean containers use this security manager by default -- security-domainjava:/jaas/Test/security-domain enterprise-beans session ejb-nameHelloWorld/ejb-name jndi-nameHelloWorld/jndi-name /session /enterprise-beans /jboss But I have some EJB's which should not be in this Security domain . Say I have a bean called EchoWorld .. which can be called withour Authentication/Authorization . What settings should I do in jboss.xml ?? Any pointers , help is appreciated .. Nimish
RE: [JBoss-user] JAAS,Setting alternate Security domain
Title: JAAS,Setting alternate Security domain To do so, You could define the method permission for the bean EchoWorld in the file jboss.xml as following: method-permission uncheck/ ejb-nameEchoWorld/ejb-name method*/method /method-permission But the login modules still need to be configured to authenticate an anonymous user, so you need to define the unauthenticated-principal in the login-config.xml for your security domain. For example: application-policy name = Test authentication login-module code = org.jboss.security.auth.spi.UsersRolesLoginModule flag = required module-option name = unauthenticatedIdentitynobody/module-option /login-module /authentication /application-policy You should also define this in jboss.xml: security-domainjava:/jaas/Test/security-domain unauthenticated-principalnobody/unauthenticated-principal Quan -Original Message- From: Nimish Chourey , Tidel Park - Chennai [mailto:[EMAIL PROTECTED] Sent: Monday, July 14, 2003 12:45 PM To: [EMAIL PROTECTED] Subject: [JBoss-user] JAAS,Setting alternate Security domain Hi all , I have set up a security domain in login-config.xml as application-policy name = Test authentication login-module code = org.jboss.security.auth.spi.UsersRolesLoginModule flag = required / /authentication /application-policy To apply this to EJB my jboss.xml looks like this ?xml version=1.0 encoding=UTF-8? jboss !-- All bean containers use this security manager by default -- security-domainjava:/jaas/Test/security-domain enterprise-beans session ejb-nameHelloWorld/ejb-name jndi-nameHelloWorld/jndi-name /session /enterprise-beans /jboss But I have some EJB's which should not be in this Security domain . Say I have a bean called EchoWorld .. which can be called withour Authentication/Authorization . What settings should I do in jboss.xml ?? Any pointers , help is appreciated .. Nimish
Re: [JBoss-user] JAAS,Setting alternate Security domain
You don't have to assign the security domain globally for all beans. It can be specified for individual beans using a custom container configuration so that you have mix of secure/unsecure beans. This will preclude interaction between the beans of course. -- Scott Stark Chief Technology Officer JBoss Group, LLC Nimish Chourey , Tidel Park - Chennai wrote: Hi all , I have set up a security domain in login-config.xml as application-policy name = Test authentication login-module code = org.jboss.security.auth.spi.UsersRolesLoginModule flag = required / /authentication /application-policy To apply this to EJB my jboss.xml looks like this ?xml version=1.0 encoding=UTF-8? jboss !-- All bean containers use this security manager by default -- security-domainjava:/jaas/Test/security-domain enterprise-beans session ejb-nameHelloWorld/ejb-name jndi-nameHelloWorld/jndi-name /session /enterprise-beans /jboss But I have some EJB's which should not be in this Security domain . Say I have a bean called EchoWorld .. which can be called withour Authentication/Authorization . What settings should I do in jboss.xml ?? Any pointers , help is appreciated .. Nimish --- This SF.Net email sponsored by: Parasoft Error proof Web apps, automate testing more. Download eval WebKing and get a free book. www.parasoft.com/bulletproofapps1 ___ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
