-
1. Re: Valve configuration at web container level
jaikiran Sep 29, 2011 7:30 AM (in response to kevinwu)It's per application level now. See an example (in the last section) here http://community.jboss.org/wiki/JBossAS7SecurityDomainModel
-
2. Re: Valve configuration at web container level
kevinwu Oct 3, 2011 10:32 AM (in response to jaikiran)Hi Jaikiran,
Thanks and let me understand it correctly...
In AS 7, every previously centrialized web container based Valve configurations under "jboss-4.2.3.GA\server\default\deploy\jboss-web.deployer\server.xml" in 4.2.3 have to be configured in each web app level.
Previously in 4.2.3 server.xml:
<Valve className="org.apache.catalina.authenticator.SingleSignOn" />
<Valve className="org.jboss.web.tomcat.service.jca.CachedConnectionValve"
cachedConnectionManagerObjectName="jboss.jca:service=CachedConnectionManager"
transactionManagerObjectName="jboss:service=TransactionManager" />
Now, those configurations have to be in .war/WEB-INF/jboss-web.xml as
<?xml version="1.0" encoding="ISO-8859-1"?>
<jboss-web>
<valve>
<class-name>org.apache.catalina.authenticator.SingleSignOn</class-name>
</valve>
<valve>
<class-name>org.jboss.web.tomcat.service.jca.CachedConnectionValve</class-name>
<param>
<param-name>cachedConnectionManagerObjectName</param-name>
<param-value>jboss.jca:service=CachedConnectionManager</param-value>
</param>
<param>
<param-name>transactionManagerObjectName</param-name>
<param-value>jboss:service=TransactionManager</param-value>
</param>
</valve>
</jboss-web>
Is that correct understanding?
----
Also from JbossAS7SecurityDomainModel article, Anil Saldhana said "I don't think we want users to configure realms anymore. You use the JBoss supplied realm."
Does that mean previous Realm configuration in "jboss-4.2.3.GA\server\default\deploy\jboss-web.deployer\server.xml", e.g.:
<Realm className="org.jboss.web.tomcat.security.JaccAuthorizationRealm"
certificatePrincipal="org.jboss.security.auth.certs.SubjectDNMapping"
allRolesMode="authOnly"
/>,
no longer need to be configured? Is that correct understanding?
Thank alot,