-
1. Re: JBoss Form-based Login Question
aleung_ca Oct 22, 2001 4:29 PM (in response to charlesrk)I use FORM authentication in jboss-tomcat, it is fine, I can give you my config as follow(hope that it is similar):
You need to specify the security-domain in a file jboss-web.xml under the web-inf folder of your war file, something as follows:
<?xml version="1.0" encoding="UTF-8"?>
<jboss-web>
<security-domain>java:/jaas/example1</security-domain>
</jboss-web>
Where the security-domain "java:/jaas/example1" is defined in auto.conf file(under <jboss-jetty home>/conf) as follows:
example1 {
// A properties file LoginModule that supports CallerPrincipal mapping
org.jboss.security.auth.spi.UsersRolesLoginModule required
;
};
Then you need to specify the user names on file users.properties and map the role name of the user on file roles.properties(in your example, it should map to role "admin"). Both these two files should be on the top directory of your war file.
You can read http://www.jboss.org/documentation/HTML/ch13s70.html
for details. -
2. Re: JBoss Form-based Login Question
ikestrel Oct 22, 2001 7:09 PM (in response to charlesrk)You might want to upgrade to a newer version of Jetty. I don't remember which version, but the j_security_check 404 bug was fixed recently. Try upgrading and see if that fixes your problem.
-
3. Re: JBoss Form-based Login Question
kuding2000 Oct 22, 2001 9:49 PM (in response to charlesrk)You'd better place user and role informations in database, flexible than properties files.
-
4. Re: JBoss Form-based Login Question
oliver.ouyang Nov 13, 2001 8:53 PM (in response to charlesrk)> You'd better place user and role informations in
> database, flexible than properties files.
But how can I do it? -
5. Re: JBoss Form-based Login Question
foglesa Nov 13, 2001 9:29 PM (in response to charlesrk)you can set up a database login module fairly easily. make a table for the roles, and one for users/passwords. In my case the users table is multi purposed, but it has a username and password field. (you can call them whatever you want.)
they are your basic varchar(64) fields.
the roles table is a bit more complex... it has 3 fields (this is not the "complex" part) they are...
USERNAME
ROLE
ROLEGROUP
Again they are varchar(64) fields...
now the data in the user table is obvious. (lets assume you named the fields username and password.... if not later when we do auth.conf change the names there)
in the role table you will have minimally 2 rows per user...
so for my user (foglesa) they will look like this...
username role Rolegroup
foglesa someRole Roles
foglesa Caller_foglesa Caller_Principal
You can have multiple roles simply by adding more entries with different 'role' in rolegoup Roles.
Now add a configuration to auth.conf like this...
datalogin {
org.jboss.security.auth.spi.DatabaseServerLoginModule required
dsJndiName="java:/someDS"
principalsQuery="select Password from users where userName=?"
rolesQuery="select Role, RoleGroup from Roles where userName=?" ;
};
now in a jboss.xml or jboss-web.xml you can denote security by adding the line
<security-domain>java:/jaas/datalogin</security-domain>
Easy maintenance.
Al
P.s. this is all covered quite well in the docs. search on JAAS on the documents page and you should come up with it quite fast (i forget the url right offhand.)