3 Replies Latest reply on Jun 28, 2007 2:56 PM by bhatman

    Setting  BASIC authentication for web console

    bhatman
    bhatman Jun 21, 2007 11:24 AM

      Hi All,

      I am trying to set up BASIC authentication for my web console as per the http://docs.jboss.com/jbossas/guides/j2eeguide/r2/en/html_single/#d0e2129 and DatabaseServerLoginModule. I want to integrate with existing sybase db's user/privilage table. The war file is bundled into ear file.

      when i browse http://localhost:8080/p5admin, the authentication dialogue box does not pop-up for the given url pattern. What could be missing?? Here are my configuration files


      WEB.XML
      ------

      <security-constraint>
 <display-name>Server Configuration Security Constraint</display-name>
 <web-resource-collection>
 <web-resource-name>Secure Resources</web-resource-name>
 <description>Security constraint for all resources</description>
 <url-pattern>/p5admin/*</url-pattern>
 <http-method>POST</http-method>
 <http-method>GET</http-method>
 </web-resource-collection>
 <auth-constraint>
 <description>Only allow those users that are in the following role</description>
 <role-name>SERVER_ADMIN</role-name>
 </auth-constraint>

 </security-constraint>
 <login-config>
 <auth-method>BASIC</auth-method>
 </login-config>

 <security-role>
 <description> SERVER_ADMIN role </description>
 <role-name>SERVER_ADMIN</role-name>
 </security-role>
</web-app>


      jboss-web.xml
      -------------       

      <web-app>

 <security-domain>java:/jaas/p5admin</security-domain>
</web-app>


      login-config.xml
      ---------------- 

      <application-policy name = "p5admin">
 <authentication>
 <login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule"
 flag = "required">
 <module-option name = "dsJndiName">pstDS_01</module-option>
 <module-option name = "principalsQuery">SELECT userPassword FROM PST_User WHERE userID=?</module-option>
 <module-option name = "rolesQuery">SELECT privilegeID, 'Roles' FROM PST_AEPrivilege WHERE userID=?</module-option>
 </login-module>
 </authentication>
 </application-policy>
</policy>



      TIA

      bhat

      • 1302 Views
      • Tags:
        • 1. Re: Setting  BASIC authentication for web console
          peterj
          peterj Jun 21, 2007 5:17 PM (in response to bhatman)

          I assume that you changed < context-root > in boss-web.xml to be "p5admin".

          I think that in the web.xml the < url-pattern > should be simply "/*". The context-root is assumed.

            • Actions
          • 2. Re: Setting  BASIC authentication for web console
            bhatman
            bhatman Jun 26, 2007 9:37 AM (in response to bhatman)

            Thank you so much for the response. However there is no <context-root/> element in jboss-web.xml
            And we want < url-pattern > to be "/p5admin/*" instead of "/*" url pattern.

            Note that I the war file is inside ear file. and the application.xml has context root,

            <application>
 <display-name>Enterprise Server</display-name>
 <description>Enterprise Server</description>

 <module>
 <web>
 <web-uri>p5web.war</web-uri>
 <context-root>p5admin</context-root>
 </web>
 </module>
 <module>
 <ejb>p5ejb.jar</ejb>
 </module>

</application>




              • Actions
            • 3. Re: Setting  BASIC authentication for web console
              bhatman
              bhatman Jun 28, 2007 2:56 PM (in response to bhatman)

              Hi Peter,
              Your solution did work, the authentication was failing as I had wrongly configured login-config.xml , after enabling log4j for security I was able to fing the root cause.

              Thank you all!

                • Actions