Global valve not getting invoked in JBoss EAP 6.1
lovinagarwal Sep 30, 2013 3:22 AMJBoss EAP 6.1
I have defined valve @global level in standalone.xml as below
<subsystem xmlns="urn:jboss:domain:web:1.4" default-virtual-server="default-host" native="false">
<valve name ="myvalve" module="mymodule" class-name="oracle.security.am.agent.common.authenticator.OAMAuthenticatorValve" >
<param param-name="configFile" param-value="/scratch/lovagarw/jboss/oam_config.properties"/>
</valve>
<connector name="http" protocol="HTTP/1.1" scheme="http" socket-binding="http"/>
<virtual-server name="default-host" enable-welcome-root="true">
<alias name="localhost"/>
<alias name="example.com"/>
</virtual-server>
</subsystem>
And defined module as global module which can be used by all APPs
<subsystem xmlns="urn:jboss:domain:ee:1.1">
<global-modules>
<module name="mymodule" slot="main"/>
</global-modules>
<spec-descriptor-property-replacement>false</spec-descriptor-property-replacement>
<jboss-descriptor-property-replacement>true</jboss-descriptor-property-replacement>
</subsystem>
Now if i protect my web application, then default authentication gets popped up instead of invoking my valve. I am in assumption, to use global valve there is no need to configure jboss-web.xml in my deployed app.
web.xml
<login-config>
<auth-method>BASIC</auth-method>
</login-config>
<security-constraint>
<web-resource-collection>
<web-resource-name/>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<description/>
<role-name>Administrators</role-name>
</auth-constraint>
<user-data-constraint >
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<security-role>
<role-name>Administrators</role-name>
</security-role>
any pointers?