2 Replies Latest reply on Jul 9, 2003 10:20 AM by tpearsall

    Any way to avoid the auth.conf file?

    tpearsall
    tpearsall Jul 9, 2003 9:56 AM

      Instead of jndi.properties I include the jndi fields I need in the login box and set the environment variables before calling the initial context:

      Hashtable env = new Hashtable();
      env.put(Context.INITIAL_CONTEXT_FACTORY,loginPanel.getContextFactory());
      env.put(Context.PROVIDER_URL, loginPanel.getJNDIService());
      env.put(Context.URL_PKG_PREFIXES, loginPanel.getPackagePrefix());
      ic = new InitialContext(env);

      Is there a similar way to set the values from auth.conf for the client?
      AtlantisSecurity {
      org.jboss.security.ClientLoginModule required;
      };

      It would be so much easier (although potentially less portable) than keeping track of the auth.conf file.

      Thanks,
      Todd

      • 2048 Views
      • Tags:
        • 1. Re: Any way to avoid the auth.conf file?
          haraldgliebe
          haraldgliebe Jul 9, 2003 10:11 AM (in response to tpearsall)

          Hi Todd,

          you can do your own JAAS configuration, have a look at javax.security.auth.login.Configuration. It will be a little bit more complicated than the JNDI properties, though.
          If you don't care about portability you could also do the login with
          org.jboss.security.SecurityAssociation.setPrinicpal / setCredentials

          Regards,
          Harald

            • Actions
          • 2. Re: Any way to avoid the auth.conf file?
            tpearsall
            tpearsall Jul 9, 2003 10:20 AM (in response to tpearsall)

            Thanks for the lead, I'm on it.

            Another option that would work if do-able would be to put the auth.conf in the app.jar file and reference it there instead of out on the file system. Is that a simpler option?

            Thanks again,
            Todd

              • Actions