1 Reply Latest reply on Nov 12, 2003 1:49 PM by nalin

auth-constraint out of web.xml

poojac20 Nov 12, 2003 1:43 PM

I am setting up JAAS realm to be used along with my web-application. The authentication is not complex and a simple form-based j_security_check works just fine.

Now, for authentication, I am fine with a not-so-complex org.jboss.security.auth.spi.UsersRolesLoginModule with simple property files achieving the desired affect. This makes it possible to have user-password and user-role mappings defined outside the web-application.

The problem is this. I want to give my role-resource mapping outside the application. (mostly uri resources). I do not want to write <auth-constarint> tags inside web.xml, but rather have JAAS find it from another property file which resides outside my application. Something similar to the sample-JAAS-policy-file this page gives http://www.theserverside.com/resources/article.jsp?l=JAAS

Has someone already thought of this ?
(more imp, u think it IS possible?)

1. Re: auth-constraint out of web.xml

nalin Nov 12, 2003 1:49 PM (in response to poojac20)

This was the feature I also wanted to incorporate. If any solutions please put it forward as soon as possible. It would be of great help
Thanx & Regards
Actions