-
1. Re: How to plugin a custom authenticator (not using the global jboss-service.xml file)
jfclere Dec 15, 2010 4:12 AM (in response to karink)<auth-method>SSOBASIC</auth-method> is not valid. there are 4 valid values: BASIC, FORM, DIGEST and CLIENT_CERT
-
2. Re: How to plugin a custom authenticator (not using the global jboss-service.xml file)
karink Dec 15, 2010 4:21 AM (in response to jfclere)I thought by means of the following configuration in the jboss-web.xml file (see snippet below) of my web app I can plugin in a new/custom authenticator.
And that I can reference/use the new custom authenticator im my web app by using the key (SSOBASIC), which is configured in the jboss-web.xml file. If not, what would be the proper/correct way to plugin a authenticator without using jbossweb-tomcat55.sar/META-INF/jboss-service.xml file
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE jboss-web PUBLIC "-//JBoss//DTD Web Application 2.3V2//EN"
"http://www.jboss.org/j2ee/dtd/jboss-web_4_0.dtd">
<jboss-web><security-domain>java:/jaas/passataxa</security-domain>
<context-root>/acontextroot</context-root>
<authenticators>
<authenticator>
<key>SSOBASIC</key>
<value>com.xxx.MysuperAuthenticator</value>
</authenticator>
</authenticators>
</jboss-web>Regards Karin
-
3. Re: How to plugin a custom authenticator (not using the global jboss-service.xml file)
jfclere Dec 15, 2010 4:33 AM (in response to karink)the <realm-name>aRealm</realm-name> should correspond to <security-domain>java:/jaas/passataxa</security-domain> (passataxa in fact)
-
5. Re: How to plugin a custom authenticator (not using the global jboss-service.xml file)
karink Dec 15, 2010 5:32 AM (in response to jfclere)I have additionally written my own jaas login module (this works very well) also with the realm name I used above. (I think that you meant that with your last 2 posts).
Additionally I have written a Tomcat Authenticator (meaning a class extending the AuthenticatorBase class of Tomcat) in the same way Tomcat does it for JEE standard auth methods (like BASIC, FORM,...) I just wanted to create my own to do some SSO stuff (very proprietary). I found descriptions how to do it see http://community.jboss.org/wiki/GenericHeaderBasedAuthentication and there is also described that I can plug it in into the file
jbossweb-tomcat55.sar/META-INF/jboss-service.xml (which also works). Using that I can define an own auth-method (e.g. SSOBASIC) and everything is fine. The prob I have is that this file is shared in our environment between serveral JBoss Runtimes and I cannot modify it. In the dtd structure of jboss-web there is also a authenticator tag, so therefor I thougt I can use that one
see http://www.jboss.org/j2ee/dtd/jboss-web_4_2.dtd.
It would be also possible to plug it in as a valve (as also described in http://community.jboss.org/wiki/GenericHeaderBasedAuthentication ) but then I would not be able to use a custom auth-method (SSOBASIC in my sample)
Regards
Karin