[JBoss-user] [Security & JAAS/JBoss] - Basic Authentication Problem

Tue, 25 May 2004 05:35:23 -0700 

Hi folks,

I am new to the forum and am ready to be scolded if my problem gets solved. :)

I am not able to set up Basic authentication in jboss. It works fine in Tomcat. 

This is what I have done:

1. Added this to web.xml:

   <security-constraint>
    <web-resource-collection>
      <web-resource-name> 
        Protected Site 
      </web-resource-name>
      <!-- This would protect the entire site -->
      <url-pattern> /* </url-pattern>
      <!-- If you list http methods, 
            only those methods are protected -->
      <http-method> DELETE </http-method>
      <http-method> GET </http-method>
      <http-method> POST </http-method>
      <http-method> PUT </http-method>
    </web-resource-collection>
    <auth-constraint>
      <role-name>OS</role-name>
      <role-name>CRM</role-name>
    </auth-constraint>
  </security-constraint>
  
  <!-- BASIC authentication -->
  <login-config>
    <auth-method>BASIC</auth-method>
    <realm-name>ServicePortal</realm-name>
  </login-config>

  <!-- Define security roles -->
    
  <security-role>
    OS User
    <role-name>OS</role-name>
  </security-role>
  
   <security-role>
    CRM User
    <role-name>CRM</role-name>
  </security-role>
  

2. added this to jboss-web.xml

<jboss-web>
  <security-domain>java:/jaas/ServicePortal</security-domain>  
</jboss-web>


3. Added this to login-config.xml

<application-policy name = "ServicePortal">
    
      <login-module  
          code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag   
                 = "required">
           <module-option name ="unauthenticatedIdentity">
               guest
           </module-option>
      </login-module>
    
</application-policy> 

4. Created users.properties

USER=USER
ABC=ABC
DEF=DEF

5. Created Roles.properties

USER=OS,CRM
ABC=OS
DEF=CRM


This is all I have found in the documentation. But don't know what is going wrong. 
JBoss version is 3.2.3.

Please help.

Thanks in advance :)

View the original post : 
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3835756#3835756

Reply to the post : 
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3835756



-------------------------------------------------------
This SF.Net email is sponsored by: Oracle 10g
Get certified on the hottest thing ever to hit the market... Oracle 10g. 
Take an Oracle 10g class now, and we'll give you the exam FREE.
http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click
_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user

Reply via email to