-
1. Re: Specify SECURITY_PRINCIPAL and SECURITY_CREDENTIALS ?
tcherel Jan 17, 2005 10:04 AM (in response to 760613)As far as I understand, authetnication through the JNDI context is not supported by JBoss.
So, if you want to do it anyway, you will need to develop your own JBoss specific code to support it (or wait that JBoss supports it).
The other "standard" authentication mechanism is to use JAAS. I do believe that, at least, WebLogic, WebSphere and JBoss support this mechanism.
But the JAAS API is the only part that is standardized. Configuring JAAS for the application server is app server specific. According to which "directory" you want to authenticate with, the configuration can be only a few lines in a config file or a complete JAAS login module with extra "glue" to plug it in the app server.
Thomas -
2. Re: Specify SECURITY_PRINCIPAL and SECURITY_CREDENTIALS ?
starksm64 Jan 17, 2005 12:18 PM (in response to 760613)Read about org.jboss.security.jndi.LoginInitialContextFactory:
http://www.jboss.org/wiki/Wiki.jsp?page=LoginInitialContextFactory
Passing the login credentials through the JNDI InitialContext is not a standard. There is no j2ee spec that even suggests this is how a client might provide its authentication info. -
3. Re: Specify SECURITY_PRINCIPAL and SECURITY_CREDENTIALS ?
760613 Jan 18, 2005 4:28 AM (in response to 760613)Thanks tcherel and Scott.
Scott I ve read about the LoginInitialContextFactory.
If I get it right I need to do followings:
1. write a new application-policy (login-config.xml) based on a login-module or use the pre-defined client-login.
2. in the DD use the <security-domain>java:/jaas/client-login</security-domain>
3. update the env with:env.put( Context.SECURITY_PROTOCOL, "java:/jaas/client-login" )
4. obtain a Context as:org.jboss.security.jndi.LoginInitialContextFactory.getInitialContext( env );
Am I doing it right? I guess stage 2 is not needed if its a java-client (no web component.).
Thanks! -
4. Re: Specify SECURITY_PRINCIPAL and SECURITY_CREDENTIALS ?
starksm64 Jan 18, 2005 9:28 PM (in response to 760613)You don't do 4. This is done by JNDI when you use the org.jboss.security.jndi.LoginInitialContextFactory class as the Context.INITIAL_CONTEXT_FACTORY value in the env passed to InitialContextFactory.