3 Replies Latest reply on Jul 8, 2006 6:16 PM by anil.saldhana

Login Configuration Enhancement

jiwils Jul 7, 2006 11:54 AM

Currently, I can reuse login modules by changing the login configuration stack in various security domains. Would it be possible to make a given security domain referenceable from another stack/domain in the future as an enhancement? Without this, configuration can get messy (so it seems).

For example, I want to use the LDAP login module, and I have a domain that contains this login module in its stack. This could be deployed in the static login-config.xml file or as a part of a DynamicLoginConfig deployment. Then, I have another domain that needs the same LDAP configuration plus additional login modules. This means that the same configuration information is now in two different locations (and possibly deployments). This is what I would like to avoid if possible.

I can think of two possible solutions. The first would be to reference domains inside a domain's login module stack as I have already alluded to. The second would be to write a login module that could talk to another domain (and thereby accomplish the same thing as the first solution).

Are there other alternatives/possibilities out there than can solve this double configuration problem?

1. Re: Login Configuration Enhancement

anil.saldhana Jul 7, 2006 1:25 PM (in response to jiwils)
More like:

<policy> <application-policy name="xyz" extends "abc"> <authentication> ... </authentication> </application-policy> </policy>

We have the same concept for JBoss container configurations. So I do not see why we cannot do for the application policies in the security configuration space.

I will add a feature request for this, if I do not see any objections to this.
Actions
2. Re: Login Configuration Enhancement

soshah Jul 7, 2006 1:40 PM (in response to jiwils)
"anil.saldhana@jboss.com" wrote:
More like:

<policy> <application-policy name="xyz" extends "abc"> <authentication> ... </authentication> </application-policy> </policy>

We have the same concept for JBoss container configurations. So I do not see why we cannot do for the application policies in the security configuration space.

I will add a feature request for this, if I do not see any objections to this.

What about a comma-separated list of security-domains to which this policy should be applied

kind of like

<policy> <application-policy name="xyz,abc,lmn"> <authentication> ... </authentication> </application-policy> </policy>
Actions
3. Re: Login Configuration Enhancement

anil.saldhana Jul 8, 2006 6:16 PM (in response to jiwils)

http://jira.jboss.com/jira/browse/JBAS-3378

It won't happen soon though.
Actions

Go to original post