15 Replies. Latest reply on Jul 14, 2011 4:43 AM by wolfgangknauf

    JBOSS BASIC Authentication

    garjunan

      Hi,

       

      I am trying to configure BASIC authentication in JBoss 4.2.3. I have more than 2 war files running on a single JBoss instance.

      I have done the required configuration for basic authentication. When I enter the URL without the context root, I am getting the username/password pop-up window.

      ex: http://192.168.1.10:8080/

      I am not getting the username/password pop-up if I use the complete URL like below.

      ex: http://192.168.1.10:8080/testsite
          http://192.168.1.10:8080/testsite2

      What could be the issue? What other configuration changes are required to make this work?

       

      Thanks

      Gokul

        • 1. JBOSS BASIC Authentication
          jagb_10

          Hi,

           

          Can you identify the default application it invokes when JBoss starts?

          • 2. JBOSS BASIC Authentication
            nickarls

            Show your web.xml for your apps.

            • 3. JBOSS BASIC Authentication
              garjunan

              Thanks for your reply. Below is my web.xml.

               

              <?xml version="1.0" encoding="ISO-8859-1"?>

              <!DOCTYPE web-app
                  PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
                  "http://java.sun.com/dtd/web-app_2_3.dtd">

              <web-app>
                <display-name>Test</display-name>

                <description>
                   My Test
                </description>

                <servlet>
                  <servlet-name>Status Servlet</servlet-name>
                  <servlet-class>org.jboss.web.tomcat.service.StatusServlet</servlet-class>
                </servlet>

                <servlet-mapping>
                  <servlet-name>Status Servlet</servlet-name>
                  <url-pattern>/status</url-pattern>
                </servlet-mapping>

                <security-constraint>
                  <web-resource-collection>
                      <web-resource-name>All resources</web-resource-name>
                      <description>Protects all resources</description>
                      <url-pattern>/*</url-pattern>
                  </web-resource-collection>

                  <auth-constraint>
                      <role-name>testSecurityRole</role-name>
                  </auth-constraint>
                </security-constraint>

                <!-- The 2.3 DTD expects login-config before security-role -->
                <login-config>
                  <auth-method>BASIC</auth-method>
                  <realm-name>Testing</realm-name>
                </login-config>

                <security-role>
                  <role-name>testSecurityRole</role-name>
                </security-role>

              </web-app>

              • 4. JBOSS BASIC Authentication
                garjunan

                Hi Jagadeshwar,

                 

                I am using default jboss application during startup. I mean /opt/jboss-4.2.3/server/default/deploy is my war file directory. I have multiple war files under /opt/jboss-4.2.3/server/default/deploy dir.

                 

                Let me know if you want more detail on this.

                • 5. JBOSS BASIC Authentication
                  nickarls

                  How do you map users to roles?

                  • 6. JBOSS BASIC Authentication
                    garjunan

                    Hi,

                     

                    As I mentioned in my first thread, I am getting the pop-up for user authentication. But not with context root.

                    Some configuration files are below.

                    In login-config.xml:

                    <application-policy name="myapp">
                      <authentication>
                        <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="required">
                          <module-option name="usersProperties">props/myapp-users.properties</module-option>
                          <module-option name="rolesProperties">props/myapp-roles.properties</module-option>
                        </login-module>
                      </authentication>
                    </application-policy>

                    myapp-users.properties:

                    # users.properties file for use with the UsersRolesLoginModule
                    testUserName=testUserPassword

                    myapp-roles.properties:

                    # roles.properties file for use with the UsersRolesLoginModule
                    testUserName=testUserRole

                    • 7. JBOSS BASIC Authentication
                      garjunan

                      Hi,

                       

                      To avoid more confusion.

                       

                      Here is my actual myapp-roles.properties. Above I copied & pasted from the site that I referred to.

                      # roles.properties file for use with the UsersRolesLoginModule
                      testUserName=testSecurityRole

                      I referred to this URL: http://www.xinotes.org/notes/note/880/

                      I changed the naming convention based on my needs. I followed the steps from the above URL.

                      • 8. Re: JBOSS BASIC Authentication
                        jagb_10

                        Hi,

                         

                        If you use http://192.168.1.10:8080/ it should invoke the ROOT.war application.

                        May I know which application page it is displaying (Root.war home page or one of your applications' pages) after login authentication?

                         

                        Regards

                        Jagadeshwar

                        • 9. JBOSS BASIC Authentication
                          garjunan

                          Hi,

                           

                          I am getting the JBoss default home page when I access the http://192.168.1.10:8080/ URL. All my applications can be accessed through the full URL only (like http://192.168.1.10:8080/testsite/ ).

                           

                           

                          Thanks

                          Gokul

                          • 10. JBOSS BASIC Authentication
                            jaikiran

                            Did you really change the web.xml in your testsite.war? Or did you change the one in ROOT.war?

                            1 of 1 people found this helpful
                            • 11. JBOSS BASIC Authentication
                              garjunan

                              Jaikiran, Thanks for the clue.

                               

                              Great. I got it now. When I referred to other sites for reference, they didn't mention the exact path of web.xml. So I configured it under ROOT.war.

                              Now I configured the web.xml under my application war file.

                               

                              Path: testsite.war/WEB-INF/web.xml and we need to create jboss-web.xml under the same WEB-INF dir.

                               

                              Thanks for pointing out at the right time.

                               

                              ISSUE RESOLVED.

                               

                              Now I tried to configure DIGEST authentication also and it worked fine.

                               

                              Thanks all for your help.
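
Added example, not part of the original thread: a small Python check that the pieces discussed above agree with each other, namely that the role in the application's WEB-INF/web.xml auth-constraint is declared and is granted in the roles properties file, and that the security-domain in jboss-web.xml names an application-policy in login-config.xml. The function names and sample files are constructed for illustration from the names quoted in the thread (the java:/jaas/myapp domain is an assumption), and the parser assumes un-namespaced DTD-style descriptors and plain user=role1,role2 lines.

```python
import xml.etree.ElementTree as ET

def texts(root, path):
    """Stripped text of every element matching path below root."""
    return {e.text.strip() for e in root.findall(path) if e.text}

def roles_granted(props_text):
    """Roles handed out by a roles properties file (user=role1,role2)."""
    granted = set()
    for line in map(str.strip, props_text.splitlines()):
        if line and not line.startswith("#") and "=" in line:
            roles = line.split("=", 1)[1].split(",")
            granted.update(r.strip() for r in roles if r.strip())
    return granted

def check(web_xml, jboss_web_xml, login_config_xml, roles_props):
    """Return findings; an empty list means the four files agree."""
    findings = []
    web = ET.fromstring(web_xml)
    if web.find("security-constraint/auth-constraint") is None:
        findings.append("web.xml: no auth-constraint, no login is required")
    if not texts(web, "login-config/auth-method"):
        findings.append("web.xml: no login-config/auth-method")
    required = texts(web, "security-constraint/auth-constraint/role-name") - {"*"}
    for role in sorted(required - texts(web, "security-role/role-name")):
        findings.append(f"web.xml: role '{role}' has no security-role entry")
    for role in sorted(required - roles_granted(roles_props)):
        findings.append(f"roles file: no user is granted '{role}'")
    domains = texts(ET.fromstring(jboss_web_xml), "security-domain")
    policies = {p.get("name") for p in
                ET.fromstring(login_config_xml).iter("application-policy")}
    if not domains:
        findings.append("jboss-web.xml: no security-domain element")
    for domain in sorted(domains):
        name = domain.split("java:/jaas/", 1)[-1]  # strip the JNDI prefix
        if name not in policies:
            findings.append(f"login-config.xml: no application-policy '{name}'")
    return findings

# Constructed samples reusing the names quoted in the thread.
WEB_XML = """<web-app>
  <security-constraint><auth-constraint>
    <role-name>testSecurityRole</role-name></auth-constraint></security-constraint>
  <login-config><auth-method>BASIC</auth-method></login-config>
  <security-role><role-name>testSecurityRole</role-name></security-role>
</web-app>"""
JBOSS_WEB_XML = "<jboss-web><security-domain>java:/jaas/myapp</security-domain></jboss-web>"
LOGIN_CONFIG_XML = '<policy><application-policy name="myapp"/></policy>'
print(check(WEB_XML, JBOSS_WEB_XML, LOGIN_CONFIG_XML, "testUserName=testUserRole"))
```

Run it against the descriptors inside the application's own WEB-INF directory, since those are the ones the thread found to matter for /testsite.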

                              • 12. Re: JBOSS BASIC Authentication
                                msarath

                                Hi,

                                 

                                I have followed the steps as mentioned here:

                                http://www.xinotes.org/notes/note/880/

                                Only changed myapp to pmart (which is my application name).

                                 

                                When I try to access my site https://10.203.234.134:8443/pmart/ I get a 404 error in IE and a blank page in other browsers.

                                Could anyone please let me know if there are any other changes/checks I need to do other than the steps mentioned in the above URL?

                                I have checked online and found a similar article: http://www.datadisk.co.uk/html_docs/java_app/jboss5/jboss5_securing_web_apps.htm

                                On this page, where it says... "The behavior of a role can be controlled in the realm definition in the JBoss Web Server server/xxx/deploy/jbossweb.sar/server.xml"

                                The Realm values mentioned on this site don't match the ones I have in my server.xml file.

                                Below is what I have in my server.xml file...

                                <Realm className="org.jboss.web.tomcat.security.JBossSecurityMgrRealm"
                                       certificatePrincipal="org.jboss.security.auth.certs.SubjectDNMapping"
                                       allRolesMode="authOnly"
                                       />

                                Could this be the reason why authentication is not working for my application?

                                Any clue is greatly appreciated. Thanks in advance.

                                 

                                Regards,

                                Sarath.

                                • 13. Re: JBOSS BASIC Authentication
                                  wolfgangknauf

                                  Hi Sarath,

                                   

                                  I don't think that you have to change "server.xml" - security always worked for me without this change ;-). But maybe this is required for very "special" configs. A basic security should work without.

                                   

                                  Could you provide more details on your app? Post all relevant security config snippets, your JBoss version and the structure of your app.

                                   

                                  Best regards

                                   

                                  Wolfgang

                                  • 14. Re: JBOSS BASIC Authentication
                                    msarath

                                    Thanks for your reply, Wolfgang. I followed many online articles all day yesterday, but none of them worked.

                                    I have recently started working on JBoss.

                                    Below are the details/content of files I have modified:

                                     

                                    /home/edb/jboss-4.0.5.GA/server/default/deploy/perfmart.ear/perf-web.war/web.xml:

                                        <security-constraint>
                                          <web-resource-collection>
                                            <web-resource-name>All resources</web-resource-name>
                                            <description>Protects all resources</description>
                                            <url-pattern>/*</url-pattern>
                                          </web-resource-collection>

                                          <auth-constraint>
                                            <role-name>testUserRole</role-name>
                                          </auth-constraint>
                                        </security-constraint>

                                        <login-config>
                                          <auth-method>BASIC</auth-method>
                                          <realm-name>Test Realm</realm-name>
                                        </login-config>

                                        <security-role>
                                          <role-name>testUserRole</role-name>
                                        </security-role>

                                    /home/edb/jboss-4.0.5.GA/server/default/deploy/perfmart.ear/perf-web.war/jboss-web.xml:

                                        <?xml version='1.0' encoding='UTF-8' ?>

                                        <!DOCTYPE jboss-web
                                        PUBLIC "-//JBoss//DTD Web Application 2.3V2//EN"
                                        "http://www.jboss.org/j2ee/dtd/jboss-web_3_2.dtd">

                                        <jboss-web>
                                          <security-domain>java:/jaas/pmart</security-domain>
                                        </jboss-web>

                                    /home/edb/jboss-4.0.5.GA/server/default/conf/login-config.xml:

                                        <application-policy name="pmart">
                                          <authentication>
                                            <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="required">
                                              <module-option name="usersProperties">props/pmart-users.properties</module-option>
                                              <module-option name="rolesProperties">props/pmart-roles.properties</module-option>
                                            </login-module>
                                          </authentication>
                                        </application-policy>

                                    /home/edb/jboss-4.0.5.GA/server/default/conf/props/pmart-roles.properties:

                                        # A sample roles.properties file for use with the UsersRolesLoginModule
                                        testUserName=testUserRole

                                    /home/edb/jboss-4.0.5.GA/server/default/conf/props/pmart-users.properties:

                                        # A sample users.properties file for use with the UsersRolesLoginModule
                                        testUserName=testUserPassword
