This content has been marked as final.
Show 4 replies
-
1. Re: BaseCertLoginModule Does Not Work?
beve Oct 8, 2009 9:09 AM (in response to h.wolffenbuttel)Hi,
org.jboss.security.auth.spi.BaseCertLoginModule is not provided by JBossESB and this I'm not familiar with how it is expected to work.Or is this the same issue as the problem with the org.jboss.soa.esb.services.security.auth.login.CertificateLoginModule?
This is not the same issue as before. In this case you are configuring a login module just like you would for a web application, the difference being that the web application is generated upon deployment.
Could you try this login module separate from JBossESB and get it working like you expect and after that try it out in conjunction with the ESB?
If you can provide an example that I can deploy I'd be happy to take a closer look at this. Just easier and avoids any misunderstandings on what is going on.
Thanks,
/Daniel -
2. Re: BaseCertLoginModule Does Not Work?
h.wolffenbuttel Oct 8, 2009 9:23 AM (in response to h.wolffenbuttel)Hi,
How do I get a deployable version to you?
Regards,
Hans -
3. Re: BaseCertLoginModule Does Not Work?
beve Oct 8, 2009 9:28 AM (in response to h.wolffenbuttel)How do I get a deployable version to you?
Sorry, you can email me using : dbevenius@jboss.com
It's listed on my user profile but you have to click my user name to see it.
Thanks,
/Daniel -
4. Re: BaseCertLoginModule Does Not Work?
h.wolffenbuttel Oct 19, 2009 7:31 AM (in response to h.wolffenbuttel)Hi Daniel,
Thanx for the assistance!
The problem was located in the certlogin-users.properties and certlogin-roles.properties. The username should be:
"CN\=test,\ OU\=test,\ O=\test,\ L=\test,\ ST\=test,\ C\=NL". This means escaping all "," and "=" characters, otherwise the user is not found.
Also the final configuration looks like this:<application-policy name = "CertLogin"> <authentication> <login-module code="org.jboss.security.auth.spi.BaseCertLoginModule" flag = "required"> <module-option name="password-stacking">useFirstPass</module-option> <module-option name="securityDomain">java:/jaas/CertLogin</module-option> <module-option name="verifier">org.jboss.security.auth.certs.AnyCertVerifier</module-option> </login-module> <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag = "required"> <module-option name="password-stacking">useFirstPass</module-option> <module-option name="defaultUsersProperties">props/certlogin-users.properties</module-option> <module-option name="defaultRolesProperties">props/certlogin-roles.properties</module-option> <module-option name="usersProperties">props/certlogin-users.properties</module-option> <module-option name="rolesProperties">props/certlogin-roles.properties</module-option> </login-module> </authentication> </application-policy>
Regards,
Hans