-
1. Re: Catalina Realms & JBoss 2.4
cjohnson Oct 7, 2001 12:44 PM (in response to cjohnson)OK... I think I'm almost there.
I added the jboss-web.xml to the manager.war in WEB-INF, it contains:
<?xml version="1.0"?>
<jboss-web>
<security-domain>java:/jaas/manager</security-domain>
</jboss-web>
auth.conf contains
manager {
org.jboss.security.auth.spi.UsersRolesLoginModule required
unauthenticatedIdentity="nobody";
};
I placed a users.properties and roles.properties in $JBOSS_HOME/jboss/conf/catalina with the contents of
users.properties:
admin=admin
roles.properties:
admin=manager
The web.xml for the manager.war is unchanged from the distro, the security-constraint and login-config look like:
<security-constraint>
<web-resource-collection>
<web-resource-name>Entire Application</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<!-- NOTE: This role is not present in the default users file -->
<role-name>manager</role-name>
</auth-constraint>
</security-constraint>
<!-- Define the Login Configuration for this Application -->
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>Tomcat Manager Application</realm-name>
</login-config>
I'm now getting a 403 whenever I connect to http://localhost:8080/manager yet I should be getting a BASIC auth prompt from the server. Can anyone tell me where I'm getting this wrong?
TIA