4 Replies Latest reply on Oct 7, 2002 6:17 PM by lordlobster

    Come on guys...

    lordlobster
    lordlobster Oct 5, 2002 3:50 PM

      Does anybody have any tips on the following?
      ...

      I am just getting to grips with JAAS on JBoss, as this question may demonstrate...

      I am developing a J2ME/J2EE application wich will eventualy be deployed to a Hosting Company. Many of these companies allow an .EAR to be uploaded and that is pretty much it... the app is online.

      My question is: If many of the JBoss configuration files lie outside of the .EAR
      (e.g. jboss-3.0.2\server\default\conf\loginconfig.xml) -

      How do service providers handle this?
      Do they provide a security domain in the loginconfig.xml?

      Do the default JBoss domains allow DB validation?

      Does anybody have any experience of this?, pointers to tutorials?
      Any information appreciated.

      Cheers

      • 3001 Views
      • Tags:
        • 1. Re: Come on guys...
          richardberger
          richardberger Oct 5, 2002 6:49 PM (in response to lordlobster)

          I am pretty new to this forum, but I have deployed a JBoss application to a hosting vendor (WebAppCabaret). They way that WebAppCabaret works is that you get a local copy of the configuration files, and you can change them. I found that I needed to do this to setup a datasource and I will have to do that to set up security realms for the next application I upload (haven't done that yet).

          The specifics will vary with the hosting company of course.

          My domain uses database authentication via the following snippet in the login-config.xml:

          <application-policy name = "DrillSgt">

          <login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule"
          flag = "required">
          <module-option name = "dsJndiName">java:/DrillDB</module-option>
          <module-option name = "principalsQuery">select Password from UserDS where Email = ?</module-option>
          <module-option name = "rolesQuery">select Role, RoleGroup from RoleDS where Email = ?</module-option>
          </login-module>

          </application-policy>

          HTH (and that someone will answer my question on Roles/JAAS)...

          RB

            • Actions
          • 2. Re: Come on guys...
            chgrimm
            chgrimm Oct 7, 2002 2:55 AM (in response to lordlobster)

            about security domains and service providers:

            one soultion can be the following:

            the service provider set's up some security.domain "customer" using the proxy login module
            and specifying a class name "customer.security.LoginModule" ( or whatever name he prefers" ).
            customers provide an implementation of this LoginModule inside there .war file and specify the "customer" domain in the jboss-web.xml file.

              • Actions
            • 3. Re: Come on guys...
              lordlobster
              lordlobster Oct 7, 2002 5:58 PM (in response to lordlobster)

              Hi thanks for the responses.

              I thought this might be a stumbeling block but both seem like reasonably straight forward sollutions.

              I think we will use webAppCaberet they seem pretty cheap with a good service... unles anybody has any other sugestions. (We did hope to use myCgiServer but they seem to be draggin the J2EE thing right out.)

              Cheers

                • Actions
              • 4. Re: Come on guys...
                lordlobster
                lordlobster Oct 7, 2002 6:17 PM (in response to lordlobster)

                (My last reply seemed to dissapear, so this may go in twice)

                Thanks for the info.

                Both sollutions seem resonably straight forward, nice to know that these things are really being used live and that solutions are in place.

                We will probalby go with WebAppCaberet unless MyCGIServer gets its finger out and goes live with J2EE.

                Cheers

                  • Actions