-
1. Re: JAAS with JBoss examples?
lmagee Oct 8, 2002 1:13 PM (in response to gwoodward)The JBoss documentation available for purchase has a number of examples of using JAAS in Chapter 8 (along with source code). At $10 it is well worth purchasing.
-
2. Re: JAAS with JBoss examples?
gwoodward Oct 8, 2002 2:00 PM (in response to gwoodward)As I said in my posting, we have purchased the yearly JBoss documentation subscription, and I have looked in detail through the examples in Chapter 8. There are examples for using a security proxy, authentication using JNDI, SRP, an SSL test, and a timed cache policy. What seems to be lacking are more simple, basic examples and "how to's": how does one set up basic authentication using properties files, and how does one set up authentication JDBC? I have read the sections in Chapter 8 in the docs, but this provides an overview, and does not lead one step-by-step through the necessary configuration.
The examples and documentation provide information on all sorts of advanced topics, but doesn't provide basic information on how to set up authentication, at least not in a step-by-step fashion.
Any help anyone may be able to provide would be greatly appreciated.
Regards,
Greg -
3. Re: JAAS with JBoss examples?
richardberger Oct 9, 2002 2:45 AM (in response to gwoodward)I am a relative neophyte, but here is what I did to set up DBMS based authentication that works with both JAAS Callbacks (as seen in the code example in chapter 8) or with j_security_check (although as I am pursuing in other posts - they don't quite work seamlessly together).
I think you can break the problem into two pieces - how to set up the environment and what code to write. Since chapter 8 has a good description of the code (and a good article can be found at: http://www.javaworld.com/javaworld/jw-09-2002/jw-0913-jaas.html), I will describe the Security Realm setup.
Realm setup....
I believe that in JBoss, there are three configuration files that need to change, two are in the application and one is in the "server environment". In addition, there is one line of code that needs to reference this realm.
1. In web.xml - make sure you have a <realm-name>
<login-config>
<auth-method>FORM</auth-method>
<realm-name>DrillSgtRealm</realm-name>
<form-login-config>
<form-login-page>/login.jsp</form-login-page>
<form-error-page>/error.jsp</form-error-page>
</form-login-config>
</login-config>
2. In jboss-web.xml:
<security-domain>java:/jaas/DrillSgtRealm</security-domain>
3. In conf/login-config.xml
<application-policy name = "DrillSgtRealm">
<login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule"
flag = "required">
<module-option name = "dsJndiName">java:/DrillDB</module-option>
<module-option name = "principalsQuery">select Password from UserDS where Email = ?</module-option>
<module-option name = "rolesQuery">select Role, RoleGroup from RoleDS where Email = ?</module-option>
</login-module>
</application-policy>
This is probably the most confusing part, but it is well documented in Chapter 8 under DatabaseServerLoginModule
And we need to change the code....(see the example in Chapter 8)
lc = new LoginContext("DrillSgtRealm", handler);
At least this works for me using JBoss 3.0.2, mySQL 3.0, and running on Windows XP Pro.
Good luck!
RB