1 Reply Latest reply on Jan 28, 2004 3:37 PM by mkumar79

    jboss jaas security

    mkumar79

       

      "mkumar79" wrote:
      I got the form authentication but I am having trouble with authorization.
      in my login-config.xml I have specified UsersRolesLoginModule..

      login-config.xml

      <application-policy name="Security">
      <authentication>
      <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="required" />
      </authentication>
      </application-policy>


      web.xml
      <welcome-file-list>
      <welcome-file>index.jsp</welcome-file>
      </welcome-file-list>

      <security-constraint>
      <web-resource-collection>
      <web-resource-name>Security Application</web-resource-name>
      <url-pattern>*.jsp</url-pattern>
      <http-method>GET</http-method>
      <http-method>POST</http-method>
      </web-resource-collection>
      <auth-constraint>
      <role-name>supervisor</role-name>
      </auth-constraint>
      </security-constraint>
      <login-config>
      <auth-method>FORM</auth-method>
      <form-login-config>
      <form-login-page>/login.jsp</form-login-page>
      <form-error-page>/error.jsp</form-error-page>
      </form-login-config>
      </login-config>


      jboss-web.xml

      <jboss-web>
      <context-root>Security</context-root>
      <security-domain>java:/jaas/Security</security-domain>
      </jboss-web>


      When I bring up the application, it goes to login.jsp, as expected. If I authenticate fine, it just comes back to login page. If I put in incorrect username and password, it goes to error page.
      Since the welcome file is index.jsp, what do I need to do for it to go to welcome file upon a successful authentication?

      thanks,


        • 1. Re: jboss jaas security
          mkumar79

           

          "mkumar79" wrote:
          I have finally figured out how to get Struts Menus working with Jboss/JAAS using file-based authentication. Let me know if anyone is interested in viewing the configurations.

          I am still working on LDAP configuration. I can get the user to authenticate but I don't think I am setting the roleAttribute correctly.

          Thanks!