2 Replies Latest reply on Jun 12, 2014 3:25 PM by etsauer

    UsersRolesLoginModule now requires files to be included in app ?

    dmison
    dmison Jul 17, 2011 11:57 PM

      Using  org.jboss.security.auth.spi.UsersRolesLoginModule under JBoss AS 5 & 6 the properties files where located relative to the jboss-as/server/PROFILE/conf/ directory.

       

        <application-policy name="app-dev">
    <authentication>
      <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="required">
        <module-option name="usersProperties">props/app-users.properties</module-option>
        <module-option name="rolesProperties">props/app-roles.properties</module-option>
      </login-module>
    </authentication>
  </application-policy>

       

      Under AS7 however it seems you must now include these files in the app itself, i.e. app.war/WEB-INF/props/

       

      This seems a little strange to me. Is this an oversight?  Is there a recommended way to specify a non-app specific location ?

      • 3534 Views
      • Tags:
        • 1. Re: UsersRolesLoginModule now requires files to be included in app ?
          jaikiran
          jaikiran Jul 18, 2011 12:00 AM (in response to dmison)

          UsersRolesLoginModule has always looked for the properties file in the classpath. In previous versions of AS, the JBOSS_HOME/server/<servername>/conf was on classpath, so you could put your properties there. In AS7 there is no such place, hence you need to package them within the application which makes it available in the classpath.

            • Actions
          • 2. Re: Re: UsersRolesLoginModule now requires files to be included in app ?
            etsauer
            etsauer Jun 12, 2014 3:25 PM (in response to jaikiran)

            I see this is an old post, but since I came across it while troubleshooting a similar issue...

             

            You can alternatively specify a properties file absolute path using the 'file://' notation. For example, my security domains look something like:

             

                            <security-domain name="JBossWS" cache-type="default">
                    <authentication>
                        <login-module code="UsersRoles" flag="required">
                            <module-option name="usersProperties" value="file://${jboss.server.config.dir}/jbossws-users.properties"/>
                            <module-option name="rolesProperties" value="file://${jboss.server.config.dir}/jbossws-roles.properties"/>
                            <module-option name="unauthenticatedIdentity" value="anonymous"/>
                        </login-module>
                    </authentication>
                </security-domain>
              • Actions