First , thanks for replying..I hope you are able to solve my problem
I am using form based authentication.
Essentially the username and password is grabbed via HTML form.heres the code
for my .vm template.
2 days and still no reply to my topic.. :(
I am using the jboss 4.0.2 version..
well, i have done a lot of research on the exception insufficinet
permissionsprincipal=[null]... and from what i found on the forums and the
WIKI, my login.xml needs to be like that :
What is the client that is trying to authenticate?
It looks as if you have a web application, rather than using the
ClientLoginModule you should be using the servlet authentication that you need
to define in the web.xml
How many calls does your web application make to the ejb tier in a single
Your principals query and the role query use wrong column name? Your table has
Username column isnt it?
Also your application policy name in login-config is defauth but you are using
megs in jboss.xml??
View the original post :
Yeah , I did notice that :) and rectify that , changed the query as well as the
application policy name. Now here is the problem I am facing.
In jboss.xml , the security-domain is sepcified as :
security-domain java:/jaas/megs /security-domain
I guess this makes jboss look for login modules
Well I am still stuck with the exception reported earlier. I was hoping I could
get some replies for that :(.
My application needs authorized access to create and add users for the
application. Say, only users with the role 'ManageUsers' can create and add
users and users with role
Well I am still stuck with the exception reported earlier. I was hoping I could
get some replies for that :(.
My application needs authorized access to create and add users for the
application. Say, only users with the role 'ManageUsers' can create and add
users and users with role
Well, thanks for all those tips, I am trying out that right now. I am still a
bit confused regarding the configuration of JAAS for JBOSS, I am developing an
ejb application, so accordingly I guess I need to configure the following files:
-- ejb-jar.xml
-- jboss.xml
-- login-config.xml
How
oks this is what I have till now,
For Starters, I just need to verify, if a user
with the username admin and password superuser can successfully
login into the application.
This is my Database Schema in postgresql
users table which stores the user information
* id (INTEGER PRIMARY KEY)
angelzworld,
I just wrote up a quick article on using JBoss's security architecture.
Although it's not really needed, as there are a slew of articles out there (not
to mention on this site in particular).
I only write these articles to help my understanding, and for note taking. You
can
Also,
I finished up the database portion just so you can look at it.
If you are asking about a book, most of my knowledge came from the JBoss Wiki,
the JBoss Admin Guide, and the book JBoss: A Developer's Notebook.
I highly recommend the Developer's Notebook, as it gives you a hand's on guide
At the highest level these are the steps required to convert a insecure j2ee
app to a secure one in jboss
For web apps
1) In the web.xml list the urls that need to be secure and the http methods
that need to be secure. This can be done as so.
| anonymous wrote : !-- Specify the secured
I would start with the JBoss Security chapter in the JBoss documentation
(available on the JBoss site). This provides a base understanding of the
JBossSX and JAAS. If that doesn't get you going, look at the DVD Store Trail
Blazer available on the JBoss site ... that gives a complete example.
Thanks a lot for that tip, I am going through the documentation and well by now
I am familiar with the basics, but need to know how it works togetther as a
whole, so was looking out for the example.
Can you please provide me with the link for the DVD Store Trail Blazer? I was
not able to
14 matches
Mail list logo
