Instructions for setting up a JAAS module in your web application
Step 1: Inside the /META-INF/jboss-app.xml of your ear file, place the following configuration:
<?xml version="1.0" encoding="UTF-8"?>
<jboss-app>
  <module>
    <service>jboss-service.xml</service>
  </module>
</jboss-app>
Step 2: Inside the jboss-service.xml file of your ear file, place the following configuration:
<?xml version="1.0" encoding="UTF-8"?>
<server>
  <!-- hooking in a login module for the standalone version of JSF Forums -->
  <!-- The custom JAAS login configuration that installs a Configuration capable of dynamically updating the config settings -->
  <mbean code="org.jboss.security.auth.login.DynamicLoginConfig" name="jboss.security.tests:service=LoginConfig">
    <attribute name="AuthConfig">META-INF/security-config.xml</attribute>
    <depends optional-attribute-name="LoginConfigService">
      jboss.security:service=XMLLoginConfig
    </depends>
    <depends optional-attribute-name="SecurityManagerService">
      jboss.security:service=JaasSecurityManager
    </depends>
  </mbean>
</server>
Step 3: Inside the /META-INF/security-config.xml file of your ear file, provide the JAAS module configuration.
The following is a sample configuration file for the org.jboss.security.idm.UsernameAndPasswordLoginModule that comes packaged with the SSO Framework.
<?xml version='1.0'?>
<!DOCTYPE policy PUBLIC "-//JBoss//DTD JBOSS Security Config 3.0//EN" "http://www.jboss.org/j2ee/dtd/security_config.dtd">
<!-- The JAAS login configuration file for the java:/jaas/jbossweb-form-auth security domain used by the security-spec test case -->
<policy>
  <application-policy name="{application name you choose for your web application}">
    <authentication>
      <login-module code="org.jboss.security.idm.UsernameAndPasswordLoginModule" flag="sufficient">
        <module-option name="unauthenticatedIdentity">guest</module-option>
        <module-option name="password-stacking">useFirstPass</module-option>
        <!--module-option name="hashAlgorithm">MD5</module-option>
        <module-option name="hashEncoding">HEX</module-option-->
        <module-option name="authenticatedRoles">Authenticated,RegisteredUsers</module-option>
      </login-module>
      <login-module code="org.jboss.security.idm.UsernameAndPasswordLoginModule" flag="sufficient">
        <module-option name="unauthenticatedIdentity">guest</module-option>
        <module-option name="password-stacking">useFirstPass</module-option>
        <module-option name="authenticatedRoles">Authenticated,RegisteredUsers</module-option>
      </login-module>
    </authentication>
  </application-policy>
</policy>
Step 4: Inside the /WEB-INF/jboss-web.xml file of your war file packaged inside the ear file, provide the following configuration:
<?xml version="1.0"?>
<jboss-web>
  <security-domain>java:jaas/{application name you choose for your web application}</security-domain>
</jboss-web>
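Steps 3 and 4 only work together when the security domain named in jboss-web.xml matches an application-policy name in security-config.xml. The following pre-deployment check is an added example, not part of the original instructions or of the SSO Framework; the function names and the sample application name "forums" are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

JAAS_PREFIXES = ("java:/jaas/", "java:jaas/")

# Constructed sample input; "forums" is a hypothetical application name.
SAMPLE_JBOSS_WEB = "<jboss-web><security-domain>java:jaas/forums</security-domain></jboss-web>"
SAMPLE_MODULE = """<login-module code="org.jboss.security.idm.UsernameAndPasswordLoginModule" flag="sufficient">
  <module-option name="unauthenticatedIdentity">guest</module-option>
  <module-option name="password-stacking">useFirstPass</module-option>
</login-module>"""
SAMPLE_SECURITY_CONFIG = ("<policy><application-policy name='forums'><authentication>"
                          + SAMPLE_MODULE * 2
                          + "</authentication></application-policy></policy>")


def domain_name(jboss_web_xml):
    """Return the security domain from jboss-web.xml without its JNDI prefix."""
    text = (ET.fromstring(jboss_web_xml).findtext("security-domain") or "").strip()
    for prefix in JAAS_PREFIXES:
        if text.startswith(prefix):
            return text[len(prefix):]
    return None  # element missing, or not bound under java:jaas/


def check_wiring(jboss_web_xml, security_config_xml):
    """Return a list of findings; an empty list means nothing was flagged."""
    name = domain_name(jboss_web_xml)
    if name is None:
        return ["jboss-web.xml: <security-domain> missing or not under java:jaas/"]
    policies = {p.get("name"): p
                for p in ET.fromstring(security_config_xml).iter("application-policy")}
    if name not in policies:
        return [f"no <application-policy name='{name}'> in security-config.xml"]
    findings, seen = [], set()
    for module in policies[name].iter("login-module"):
        options = {o.get("name"): (o.text or "").strip()
                   for o in module.iter("module-option")}
        key = (module.get("code"), module.get("flag"), tuple(sorted(options.items())))
        if key in seen:  # same class, flag and options listed twice
            findings.append(f"duplicate login-module entry: {module.get('code')}")
        seen.add(key)
        if "unauthenticatedIdentity" in options:
            findings.append("unauthenticatedIdentity="
                            f"{options['unauthenticatedIdentity']}: confirm this is intended")
    if not seen:
        findings.append(f"application-policy '{name}' has no login modules")
    return findings
```

Run against the sample from step 3, the check reports the repeated login-module entry and each unauthenticatedIdentity setting, so both can be reviewed before the ear is deployed.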
For further details on configuring JAAS-based authentication, please refer to the following: JAAS