[jboss-user] [Security & JAAS/JBoss] - not able to get the prompt asking for user password

Mon, 13 Nov 2006 07:24:26 -0800 

trying to test for secure a web application in JBoss AS. 
added given entry in the following files

1. web.xml (under mywebapp/WEB-INF)
-------------

        <servlet-name>Hello</servlet-name>
        <servlet-class>HelloServlet</servlet-class>
        <display-name></display-name>
                        
        <security-role-ref>
                <role-name>user</role-name> 
                <role-link>user</role-link>
        </security-role-ref>

                

<servlet-mapping>
        <servlet-name>Hello</servlet-name>
        <url-pattern>/hello</url-pattern>
</servlet-mapping>


<login-config>
        <auth-method>BASIC</auth-method>
        <realm-name>tw-app</realm-name>
</login-config>

<security-constraint>
        <web-resource-collection>                       
                <url-pattern>/hello</url-pattern>
                <url-pattern>/*</url-pattern>                   
        </web-resource-collection>
        <auth-constraint>
                <role-name>user</role-name>
                
        </auth-constraint>
        <user-data-constraint>
                <transport-guarantee>NONE</transport-guarantee>
        </user-data-constraint>
</security-constraint>  

<security-role>
        
        <role-name>user</role-name>
</security-role>

<error-page>
        <error-code>401</error-code>
        /error/401.html
</error-page>   

2. jboss-web.xml(under mywebapp/WEB-INF)
-------------------
<jboss-web>
  <security-domain>java:/jaas/tw-app</security-domain>
</jboss-web>

3. login-config.xml (under servername\conf\login-config.xml)
----------------------
<application-policy name = "tw-app">
            
                <login-module 
code="org.jboss.security.auth.spi.UsersRolesLoginModule"
                flag = "required">
                <module-option 
name="usersProperties">props/tw-appUsers.properties</module-option>
                <module-option 
name="rolesProperties">props/tw-appRoles.properties</module-option>
                </login-module>
            
</application-policy> 


my problem is that, while invoking the hello servlet, I am not being prompt for 
the user name and password as expecting to be. I am given error 404 , page not 
found. 
but when I comment all these things, I am getting the hello msg by the hello 
servlet.
could any one please tell me, if I am still missing anything in any config file 
to get browser prompt for user name and password.

Thanks

View the original post : 
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3985467#3985467

Reply to the post : 
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3985467
_______________________________________________
jboss-user mailing list
jboss-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/jboss-user

Reply via email to