2 Replies Latest reply on Mar 12, 2007 1:35 PM by hawkis

    webapp login in a virual host

    hawkis
    hawkis Mar 5, 2007 3:50 PM

      Have created a web app packaged in a app.war.
      In its WEB-INF/classes are two files: users.properties and roles.properties.
      In its WEB-INF/jboss-web.xml is the line

      <security-domain>java:/jaas/webapp-policy</security-domain>

      In <JBOSS_ROOT>/server/default/conf/login-config.xml I have 
       <application-policy name="webapp-policy">
 <authentication>
 <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="required" >
 <module-option name="usersProperties">users.properties</module-option>
 <module-option name="rolesProperties">roles.properties</module-option>
 <module-option name="roleGroupSeperator">.</module-option>
 </login-module>
 </authentication>
 </application-policy>


      Iff I deploy the app.war into the deploy folder, the login works perfectly. NOTE: No users and roles.properties in <JBOSS_ROOT>/server/default/conf folder.

      However, I planned to use this war file as the default web application for a particular virtual host, so I created a new host entry in <JBOSS_ROOT>/server/default/deploy/jbossweb-tomcat55.sar/server.xml, specifying another appBase location and supplying it with a context with an empty name. I created this folder and copied the app.war file into that folder and subsequently started the server. Two new folders were created (app and ROOT) in the new folder. But now the login does not function any more (a simple FORM based login that protects some of the pages in the app.war).

      I'm using out-of-the ZIP JBoss-4.0.5GA, and I had a peek at the property loading mechanism, and for all I could see the loading of the properties are a straight forward Java property loading that features the classpath (at that point in application startup).

      Finally, the question: Have I missed anything obvious here, or is this another twist of the classloader feature?


      • 2699 Views
      • Tags:
        • 1. Re: webapp login in a virual host
          hawkis
          hawkis Mar 5, 2007 4:21 PM (in response to hawkis)

          Excerpt from the <JBOSS_ROOT>/server/default/deploy/jbossweb-tomcat55.sar/server.xml:

           <Engine name="jboss.web" defaultHost="newhost">

 <!-- Removed most of the comments -->
 <Realm className="org.jboss.web.tomcat.security.JBossSecurityMgrRealm"
 certificatePrincipal="org.jboss.security.auth.certs.SubjectDNMapping"
 allRolesMode="authOnly"
 />

 <Host name="newhost"
 autodeploy="true"
 deployOnStartup="true"
 deployXML="true"
 appBase="app">
 <Valve className="org.apache.catalina.valves.AccessLogValve"
 directory="applog"
 suffix=".log"
 pattern="combined"/>
 <DefaultContext crossContext="true" reloadable="true" />
 <Context path="" docBase="app.war" />
 </Host>

 <Host name="localhost"
 autoDeploy="false" deployOnStartup="false" deployXML="false"
 configClass="org.jboss.web.tomcat.security.config.JBossContextConfig"
 >
<!-- only comments here -->
 </Host>


            • Actions
          • 2. Re: webapp login in a virual host
            hawkis
            hawkis Mar 12, 2007 1:35 PM (in response to hawkis)

            Ok. Logging into the application now works.

            The trick was to have the following lines in the jboss-web.xml:

             <context-root>/</context-root>
 <virtual-host>newhost</virtual-host>

            I also had to move my .war file back into the deploy folder.

            What I noticed was that the class 
            org.jboss.security.auth.spi.UsersRolesLoginModule
            never seemed to be called (by inspecting the server.log), if the above definition was not present. The only way to get that class to be called during application login ,was to have the war file in the <JBOSS_ROOT>/server/default/deploy folder.

              • Actions