-
1. Re: JBoss not seeing my custom login module
stevecoh1 Apr 8, 2003 5:46 PM (in response to stevecoh1)OK, not getting anywhere here. I now did the following:
changed: changed the access-panel login config to be based on one of the canned login modules:
org.jboss.security.auth.spi.IdentityLoginModule
Same results.
Help! I'm dying here. -
2. Re: JBoss not seeing my custom login module
petertje Apr 9, 2003 3:56 AM (in response to stevecoh1)Post (attach) your web.xml, jboss-web.xml and login-config.xml and then this blind man will see if he can help you....
Peter -
3. Re: JBoss not seeing my custom login module
stevecoh1 Apr 9, 2003 9:13 AM (in response to stevecoh1)Thank you very much, Peter. I hope you can help me. This has been very frustrating. If I had a sample project setting up any authentication for a simple web-app I could solve this, but you don't seem to have one. The documentation is organized in a very complicated way that threads back and forth between ejb and web-app and is not pleasant to follow, in contrast, I must say, with the rest of jboss - which has been, up to now, a real pleasure to use.
Here are the three files you requested to look at. Thank you very much. -
4. Re: JBoss not seeing my custom login module
stevecoh1 Apr 9, 2003 9:15 AM (in response to stevecoh1)Thank you very much, Peter. I hope you can help me. This has been very frustrating. If I had a sample project setting up any authentication for a simple web-app I could solve this, but you don't seem to have one. The documentation is organized in a very complicated way that threads back and forth between ejb and web-app and is not pleasant to follow, in contrast, I must say, with the rest of jboss - which has been, up to now, a real pleasure to use.
Here are the three files you requested to look at. Thank you very much. -
5. Re: JBoss not seeing my custom login module
stevecoh1 Apr 9, 2003 9:17 AM (in response to stevecoh1)Test.
Hmm, I just sent my answer but it doesn't seem to have been posted. -
6. Re: JBoss not seeing my custom login module
stevecoh1 Apr 9, 2003 9:24 AM (in response to stevecoh1)> Post (attach) your web.xml, jboss-web.xml and
> login-config.xml and then this blind man will see if
> he can help you....
>
> Peter
>
Thank you very much, Peter.
This has been very frustrating for me. I have the feeling that I am overlooking something really simple but cannot figure out what it is. The documentation could certainly be better organized. Instead of threading back and forth between ejb and web-app settings, each could be handled as a separate case with the common theoretical parts preceding them. I think if there was just a simple end-to-end sample of a simple web-app with authentication, I would not be having this problem.
I should also emphasize that until this point my experiences with jboss have been uniformly pleasant, so I was quite disappointed with this.
OK, I am now attaching the files. you asked for. I hope you can help. -
7. Re: JBoss not seeing my custom login module
stevecoh1 Apr 9, 2003 9:26 AM (in response to stevecoh1)Test. I see. Simply "reply" doesn't post to the topic but "reply to topic" does?
-
8. Re: JBoss not seeing my custom login module
stevecoh1 Apr 9, 2003 9:27 AM (in response to stevecoh1)test
-
9. Re: JBoss not seeing my custom login module
stevecoh1 Apr 9, 2003 9:30 AM (in response to stevecoh1)test reply. Several of my other replies are not being posted.
-
10. Re: JBoss not seeing my custom login module
egarup May 9, 2003 4:09 AM (in response to stevecoh1)Did anyone solve this issue. I have a similar problem and initially the class could not be found but I placed my login module in a jar in the lib folder. Now I get the message failed to create LoginModule(my.class.name) using jboss 3.2.0
-
11. Re: JBoss not seeing my custom login module
egarup May 9, 2003 10:33 AM (in response to stevecoh1)I have found that the option that works best is to use a proxy login module in the login-config.xml
<application-policy name = "policy_name">
<login-module code = "org.jboss.security.auth.spi.ProxyLoginModule"
flag = "required">
<module-option name = "moduleName">my.class</module-option>
</login-module>
The policy name must match the entry in your jboss application config file jboss-web.xml.
<jboss-web>
<!-- All secured web content uses this security manager - must match the value in login-config in jboss -->
<security-domain>java:/jaas/policy_name</security-domain>
</jboss-web>.
Your custom login module also needs to do a couple of things when the user logs in:
1 - create a java.security.acl.Group with a group name of "CallerPrincipal". This group must have a single Principal member, which will be the Principal returned by any calls to request.getUserPrincipal().
2 - create a java.security.acl.Group with the group name "Roles" and add all roles to which the user belongs.
add these two group to the subjet's principal list.