-
1. Re: roles and rolegroups in DatabaseServerLoginModule
tool Aug 30, 2002 11:41 AM (in response to illerd)RoleGroups are sets (actually java.security.acl.Group objects) of Roles. JBoss supports only RoleGroups called "Roles" or "CallerPrincipal".
**These two values are hard coded into the JaasSecurityManager class. (JBoss 3.0.x Book Pg. 271 under the DatabaseServerLoginModule section and Page 275 under the Writing Custom Login Modules section)
**These can be modified, if you mess around with the JBoss source code a bit. You just have to make the necessary change(s) to the JaasSecurityManager and recompile that jar its in (jbosssx.jar) and replace that jar in the /lib directory and restart the server.
If you want to use your own RoleGroups in JBoss then check out the JaasSecurityManager.java in the JBoss source code. The change(s) you have to make are actually pretty small.
Good luck!
Brian -
2. Re: roles and rolegroups in DatabaseServerLoginModule
illerd Aug 30, 2002 1:51 PM (in response to illerd)So, what is the distinction between Roles and CallerPrincipal? Do I have to put in two entries for each account, as in the example, or can I just have one record for each account and put everyone in the 'Roles' RoleGroup?
-
3. Re: roles and rolegroups in DatabaseServerLoginModule
illerd Aug 30, 2002 1:52 PM (in response to illerd)So, what is the distinction between Roles and CallerPrincipal? Do I have to put in two entries for each account, as in the example, or can I just have one record for each account and put everyone in the 'Roles' RoleGroup?
-
4. Re: roles and rolegroups in DatabaseServerLoginModule
illerd Aug 30, 2002 1:54 PM (in response to illerd)So, what is the distinction between Roles and CallerPrincipal? Do I have to put in two entries for each account, as in the example, or can I just have one record for each account and put everyone in the 'Roles' RoleGroup?
-
5. Re: roles and rolegroups in DatabaseServerLoginModule
illerd Aug 30, 2002 1:55 PM (in response to illerd)So, what is the distinction between Roles and CallerPrincipal? Do I have to put in two entries for each account, as in the example, or can I just have one record for each account and put everyone in the 'Roles' RoleGroup?
-
6. Re: roles and rolegroups in DatabaseServerLoginModule
illerd Aug 30, 2002 1:56 PM (in response to illerd)So, what is the distinction between Roles and CallerPrincipal? Do I have to put in two entries for each account, as in the example, or can I just have one record for each account and put everyone in the 'Roles' RoleGroup?
-
7. Re: roles and rolegroups in DatabaseServerLoginModule
illerd Aug 30, 2002 1:56 PM (in response to illerd)So, what is the distinction between Roles and CallerPrincipal? Do I have to put in two entries for each account, as in the example, or can I just have one record for each account and put everyone in the 'Roles' RoleGroup?
-
8. Re: roles and rolegroups in DatabaseServerLoginModule
illerd Aug 30, 2002 6:01 PM (in response to illerd)oh. It did go through. All 5 of them.
-
9. Re: roles and rolegroups in DatabaseServerLoginModule
tool Sep 3, 2002 9:52 AM (in response to illerd)I haven't played around much with the CallerPrincipal thing, but I know that you don't need them as long as you have an entry under Roles for that user.
It seems to me that CallerPrincipal is just a way of running the application with your CallerPrincipal value as your identity, instead of the username you type to login. They can be the same but don't have to be apparently.
I wonder what they are best used for?
Brian