3 Replies Latest reply on Jul 12, 2013 11:16 AM by mstruk

    JAAS Authenticator from an external web application

    sviluppatorefico

      I would use the default security domain in Gatein 3.6 (gatein-domain) from an external web application deployed in a war in the same jboss 7 as.

       

      Here an example of web.xml:

       

        <security-constraint>

        <web-resource-collection>

        <web-resource-name>Authenticated</web-resource-name>

        <description></description>

        <url-pattern>/*</url-pattern>

        </web-resource-collection>

        <auth-constraint>

        <role-name>Authenticated</role-name>

        </auth-constraint>

        </security-constraint>

        <login-config>

        <auth-method>BASIC</auth-method>

                          <realm-name>Gatein Forums

        </realm-name>

        </login-config>

        <security-role>

        <role-name>Authenticated</role-name>

        </security-role>


      and here a jboss-web.xml:

       

       

        <security-domain>java:/jaas/gatein-domain</security-domain>

       

       

      The modules of the gatein domain are not found. I suppose the problem is a classloading problem. 

       

      14:58:32,198 ERROR [org.jboss.security.authentication.JBossCachedAuthenticationManager] (http--127.0.0.1-8080-1) Login failure: javax.security.auth.login.LoginException: unable to find LoginModule class: org.gatein.security.oauth.jaas.OAuthLoginModule from [Module "deployment.prova-0.0.1-SNAPSHOT.war:main" from Service Module Loader]

                at javax.security.auth.login.LoginContext.invoke(LoginContext.java:808) [classes.jar:1.6.0_45]

                at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186) [classes.jar:1.6.0_45]

                at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683) [classes.jar:1.6.0_45]

                at java.security.AccessController.doPrivileged(Native Method) [classes.jar:1.6.0_45]