1 Reply Latest reply on Jan 18, 2007 2:14 PM by bdaw

    Custom Authentication

    anu123suya Jan 18, 2007 5:28 AM

      I am authenticating using an external datasource and would like to bypass the JBoss Portal Authentication. Is this possible by complete elemination of the Portal DS?
      What will be the further implication on role management of users?


      Please help.



      • 2894 Views
      • Tags:
        • 1. Re: Custom Authentication
          bdaw
          bdaw Jan 18, 2007 2:14 PM (in response to anu123suya)

          First of all PortalDS is not only for users. Portal objects, security and etc. is persisted there. Then rhere are two separate issues here:
          1) Users management - so you can keep users in any other place. Abstraction is made by implementing UserModule and RoleModule (in 2.4) plus MembershipModule and UserProfileModule (in 2.6)

          2) Authetication. JBoss Portal just plugs into JAAS in JBoss AS so in this case JBossSX. Look at login-config.xml. Portal implementation of LoginModule interface just relies on UserModule and RoleModule, and you need to inject additional role for each user (by default "Authenticated") that is used for securing Portal Servlet (look in web.xml for portal-server.war). You can use any other LoginModule implementation - just remember about portal servlet security.

            • Actions