-
1. Re: Security: Tomcat -> JBoss
starksm64 Aug 28, 2004 12:25 AM (in response to yuriyg)Read the JAAS Howto in this forum. The credentials have to be provided the same as any other ejb client. Propagation of the web container credentials requires non-standard integration with the tomcat web container via a valve.
-
2. Re: Security: Tomcat -> JBoss
yuriyg Sep 10, 2004 5:19 AM (in response to yuriyg)Interesting. Maybe I read something wrong, maybe I can't read at all. But Jaas howto contains Tomcat links in sentences where JBoss/Tomcat is recommended to download, in JBoss logs, and yet one irrelevant sentence. Valve is occured only in logs. No any explanation.
Maybe I need to read other howtos? Sorry, but it's totally misguided. -
3. Re: Security: Tomcat -> JBoss
yuriyg Sep 10, 2004 6:40 AM (in response to yuriyg)I tried to write own valve. Just for test. And always get null from request.getUserPrincipal(). Though basic authentication seems completed (though, strangely it succeeds always).
-
4. Re: Security: Tomcat -> JBoss
starksm64 Sep 10, 2004 8:27 PM (in response to yuriyg)The JAAS howto deals with the public interface for passing in credentials. See the jboss-3.x/tomcat/src/main/org/jboss/web/tomcat/security package for example Realms and Valves for propagating the web container credentials.