Re: [JBoss-user] JBoss 2.2: Servlet Authentication against JBoss realms. How ?
There is nothing wrong doing this. - Original Message - From: Scott Hasse To: [EMAIL PROTECTED] Sent: Friday, April 20, 2001 1:07 PM Subject: Re: [JBoss-user] JBoss 2.2: Servlet Authentication against JBoss realms. How ? All, Having run into this same issue myself, I am wondering about the feasibility of developing a JBossRealm (or similiar) for Tomcat that actually authenticates against the JBoss security configuration. It seems to me that this would actually then be "integrated" security, versus the dual configuration that is needed now. For instance, SimpleRealm or JDBC Realm would no longer be needed. Their functionality would be replaced by a JBossRealm (or JBossRealmAuthenticate) module that authenticates the user in Tomcat. One huge advantage to this approach would be that we would be able to use any JBoss security configuration (which is nice and extensible) from Tomcat, versus just the JDBC and XML file capabilities currently available in Tomcat. Is there something fundamental that is preventing this from working, or that makes it a bad idea? Thanks, Scott ___ JBoss-user mailing list [EMAIL PROTECTED] http://lists.sourceforge.net/lists/listinfo/jboss-user
Re: [JBoss-user] JBoss 2.2: Servlet Authentication against JBoss realms. How ?
All, Having run into this same issue myself, I am wondering about the feasibility of developing a JBossRealm (or similiar) for Tomcat that actually authenticates against the JBoss security configuration. It seems to me that this would actually then be "integrated" security, versus the dual configuration that is needed now. For instance, SimpleRealm or JDBC Realm would no longer be needed. Their functionality would be replaced by a JBossRealm (or JBossRealmAuthenticate) module that authenticates the user in Tomcat. One huge advantage to this approach would be that we would be able to use any JBoss security configuration (which is nice and extensible) from Tomcat, versus just the JDBC and XML file capabilities currently available in Tomcat. Is there something fundamental that is preventing this from working, or that makes it a bad idea? Thanks, Scott >Correct.>>- Original Message - >From: "Ijonas Kisselbach" <[EMAIL PROTECTED]>>To: <[EMAIL PROTECTED]>>Sent: Thursday, April 19, 2001 11:44 AM>Subject: Re: [JBoss-user] JBoss 2.2: Servlet Authentication against JBoss realms. How ?>>>> So let me get this right.>> >> First I authenticate within Tomcat, using the usual means This then sets>> ups credentials which will be passed onto JBoss for further handling.>> >> But always authenticate in Tomcat first... ??>> >> This makes sense if this is the case. Can you confirm ?>> >> Cheers,>> Ijonas.
Re: [JBoss-user] JBoss 2.2: Servlet Authentication against JBoss realms. How ?
Correct. - Original Message - From: "Ijonas Kisselbach" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, April 19, 2001 11:44 AM Subject: Re: [JBoss-user] JBoss 2.2: Servlet Authentication against JBoss realms. How ? > So let me get this right. > > First I authenticate within Tomcat, using the usual means This then sets > ups credentials which will be passed onto JBoss for further handling. > > But always authenticate in Tomcat first... ?? > > This makes sense if this is the case. Can you confirm ? > > Cheers, > Ijonas. > > > - Original Message - > From: "Scott M Stark" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Thursday, April 19, 2001 6:53 PM > Subject: Re: [JBoss-user] JBoss 2.2: Servlet Authentication against JBoss > realms. How ? > > > > > > You have to have a Tomcat realm ahead of the JbossRealm as the JbossRealm > > just mpas the credentials obtained by the Tomcat Realm onto the JBoss > notion > > of the thread user. > > > > ----- Original Message - > > From: Ijonas Kisselbach > > To: jbUser > > Sent: Thursday, April 19, 2001 10:01 AM > > Subject: [JBoss-user] JBoss 2.2: Servlet Authentication against JBoss > realms. How ? > > > > > > Hi, > > > > I'm trying to authenticate servlets against a a JBoss realm. I've got the > servlets and JSP authenticating against the > > org.apache.tomcat.request.SimpleRealm and tomcat-users.xml file. This > works fine. But I know want to go to the next step and > > authenticate against a Jboss realm. Hence I've commented out the Tomcat > security realm request interceptor from server.xml: > > > > > > > > > > > > > > ___ > > JBoss-user mailing list > > [EMAIL PROTECTED] > > http://lists.sourceforge.net/lists/listinfo/jboss-user > > > > ___ > JBoss-user mailing list > [EMAIL PROTECTED] > http://lists.sourceforge.net/lists/listinfo/jboss-user > ___ JBoss-user mailing list [EMAIL PROTECTED] http://lists.sourceforge.net/lists/listinfo/jboss-user
Re: [JBoss-user] JBoss 2.2: Servlet Authentication against JBoss realms. How ?
So let me get this right. First I authenticate within Tomcat, using the usual means This then sets ups credentials which will be passed onto JBoss for further handling. But always authenticate in Tomcat first... ?? This makes sense if this is the case. Can you confirm ? Cheers, Ijonas. - Original Message - From: "Scott M Stark" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, April 19, 2001 6:53 PM Subject: Re: [JBoss-user] JBoss 2.2: Servlet Authentication against JBoss realms. How ? > > You have to have a Tomcat realm ahead of the JbossRealm as the JbossRealm > just mpas the credentials obtained by the Tomcat Realm onto the JBoss notion > of the thread user. > > - Original Message - > From: Ijonas Kisselbach > To: jbUser > Sent: Thursday, April 19, 2001 10:01 AM > Subject: [JBoss-user] JBoss 2.2: Servlet Authentication against JBoss realms. How ? > > > Hi, > > I'm trying to authenticate servlets against a a JBoss realm. I've got the servlets and JSP authenticating against the > org.apache.tomcat.request.SimpleRealm and tomcat-users.xml file. This works fine. But I know want to go to the next step and > authenticate against a Jboss realm. Hence I've commented out the Tomcat security realm request interceptor from server.xml: > > > > > > > ___ > JBoss-user mailing list > [EMAIL PROTECTED] > http://lists.sourceforge.net/lists/listinfo/jboss-user > ___ JBoss-user mailing list [EMAIL PROTECTED] http://lists.sourceforge.net/lists/listinfo/jboss-user
Re: [JBoss-user] JBoss 2.2: Servlet Authentication against JBoss realms. How ?
You have to have a Tomcat realm ahead of the JbossRealm as the JbossRealm just mpas the credentials obtained by the Tomcat Realm onto the JBoss notion of the thread user. - Original Message - From: Ijonas Kisselbach To: jbUser Sent: Thursday, April 19, 2001 10:01 AM Subject: [JBoss-user] JBoss 2.2: Servlet Authentication against JBoss realms. How ? Hi, I'm trying to authenticate servlets against a a JBoss realm. I've got the servlets and JSP authenticating against the org.apache.tomcat.request.SimpleRealm and tomcat-users.xml file. This works fine. But I know want to go to the next step and authenticate against a Jboss realm. Hence I've commented out the Tomcat security realm request interceptor from server.xml: ___ JBoss-user mailing list [EMAIL PROTECTED] http://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] JBoss 2.2: Servlet Authentication against JBoss realms. How ?
Hi, I'm trying to authenticate servlets against a a JBoss realm. I've got the servlets and JSP authenticating against the org.apache.tomcat.request.SimpleRealm and tomcat-users.xml file. This works fine. But I know want to go to the next step and authenticate against a Jboss realm. Hence I've commented out the Tomcat security realm request interceptor from server.xml: I have changed my jboss.properties to point to tomcat/auth.conf : java.security.auth.login.config==file:../conf/tomcat/auth.conf My auth.conf looks as follows: simple { org.jboss.security.plugins.samples.SimpleServerLoginModule required;}; other { org.jboss.security.plugins.samples.JaasServerLoginModule required; }; The security secions in my jboss.jcml file look as follows: org.jboss.security.plugins.JaasSecurityManager As you can see fairly standard stuff a la the JAAS Howto. Finally my web.xml that configures my servlets has the following section which worked under the SimpleRealm authentication provided by Tomcat: Serv-C /* User BASIC other User Superuser I would expect , upon accessing the default page, a dialogue box to appeat asking for username and password, which would then be authenticated against the roles.properties and user.properties files. Where am I going wrong ? Cheers, Ijonas.