4 Replies Latest reply on Sep 10, 2004 8:27 PM by starksm64

    Security: Tomcat -> JBoss

    yuriyg
    yuriyg Aug 27, 2004 10:09 AM

      Does somebody know how to propagate credentials from Tomcat to JBoss. I even specify that we are going to use tagish lib for get OS credentials but how then pass these credentials to JBoss?

      • 2962 Views
      • Tags:
        • 1. Re: Security: Tomcat -> JBoss
          starksm64
          starksm64 Aug 28, 2004 12:25 AM (in response to yuriyg)

          Read the JAAS Howto in this forum. The credentials have to be provided the same as any other ejb client. Propagation of the web container credentials requires non-standard integration with the tomcat web container via a valve.

            • Actions
          • 2. Re: Security: Tomcat -> JBoss
            yuriyg
            yuriyg Sep 10, 2004 5:19 AM (in response to yuriyg)

            Interesting. Maybe I read something wrong, maybe I can't read at all. But Jaas howto contains Tomcat links in sentences where JBoss/Tomcat is recommended to download, in JBoss logs, and yet one irrelevant sentence. Valve is occured only in logs. No any explanation.

            Maybe I need to read other howtos? Sorry, but it's totally misguided.

              • Actions
            • 3. Re: Security: Tomcat -> JBoss
              yuriyg
              yuriyg Sep 10, 2004 6:40 AM (in response to yuriyg)

              I tried to write own valve. Just for test. And always get null from request.getUserPrincipal(). Though basic authentication seems completed (though, strangely it succeeds always).

                • Actions
              • 4. Re: Security: Tomcat -> JBoss
                starksm64
                starksm64 Sep 10, 2004 8:27 PM (in response to yuriyg)

                The JAAS howto deals with the public interface for passing in credentials. See the jboss-3.x/tomcat/src/main/org/jboss/web/tomcat/security package for example Realms and Valves for propagating the web container credentials.

                  • Actions