-
1. Re: Problem with jboss-web.xml : role mapping doesn't work f
djeanprost Aug 4, 2005 3:24 AM (in response to djeanprost)Stopping thread. See answer in Servlet newsgroup.
Dom -
2. Re: Problem with jboss-web.xml : role mapping doesn't work f
debopam Aug 4, 2005 4:11 AM (in response to djeanprost)? Add this following in the application?s web.xml file:
<security-constraint>
<web-resource-collection>
<web-resource-name>Admin Console</web-resource-name>
<url-pattern>/admin/abc.jsp</url-pattern>
<http-method>POST</http-method>
<http-method>GET</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>administrators</role-name>
</auth-constraint>
</security-constraint>
Similarly for other groups/roles and url patterns attributes are added in web.xml
? Change login-config.xml in %JBOSS_HOME%/server/default/conf directory
<application-policy name = "TEST_SECURITY_DOMAIN">
<login-module code = "org.jboss.security.auth.spi.UsersRolesLoginModule"
flag = "required">
<module-option name="usersProperties">users.properties</module-option>
<module-option name="rolesProperties">roles.properties</module-option>
</login-module>
</application-policy>
(You can put any name in place of ?TEST_SECURITY_DOMAIN?)
? Change jboss-web.xml in %JBOSS_HOME%/server\default\deploy\<your application>\WEB-INF directory
<jboss-web>
<security-domain>java:/jaas/TEST_SECURITY_DOMAIN</security-domain>
</jboss-web>
? Add users.properties in %JBOSS_HOME%/server/default/conf directory
Add user name and password in the following format
Username = password
(if username:: abc & password::pqr add abc = pqr in users.properties)
? Add roles.properties in %JBOSS_HOME%/server/default/conf directory
Add the user name and role in the following format
Username = role (take it from web.xml)
(If username:: abc & role::admin add abc = admin in roles.properties)
? Add this to web.xml
<login-config>
<!--<auth-method>BASIC</auth-method> -->
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/admin/adminlogin.html</form-login-page>
<form-error-page>/admin/adminlogin.html</form-error-page>
</form-login-config>
</login-config>
(it tells server what is your admin login page)
? Add this to your admin login page