2 Replies Latest reply on Jan 30, 2014 10:16 AM by kalamma1

    JBoss AS: Basic Authentication by remote IP addr

    kalamma1
    kalamma1 Jan 29, 2014 12:19 PM

      Is it possible to set up Basic Authentication on JBoss AS 5 for requests coming in from a specific IP addr?

      We have an internal development site that can also be accessed externally through a proxy server. I'd only like to authenticate those coming from the proxy.

      I had no problem setting up the Basic Authentication part. I just need to know how to do the IP check.

      Any help would be appreciated. Thanks!

        • 1. Re: JBoss AS: Basic Authentication by remote IP addr
          erasmomarciano
          erasmomarciano Jan 30, 2014 4:14 AM (in response to kalamma1)

          Hi

          You can use these modules  login-config.xml

           

          BaseCertLoginModuleAuthenticates client certificates, must be stacked with another login module that does authorization
          CertRolesLoginModuleAn extension of BaseCertLoginModule that authenticates against client certificates and authorizes against properties files
          ClientLoginModulesUsed by standalone clients that want to log into a secure server
          DatabaseCertLoginModuleAn extension of BaseCertLoginModule that authenticates against client certificates and authorizes against a database
          DatabaseServerLoginModuleLoads user/role information from a database
          IndentityLoginModulea testing login module that causes all users to authenticate with the same credentials
          LdapExtLoginModuleLoads user/roles information from a LDAP server (supports hierarchical role structure)
          ldapLoginModuleLoads user/roles information from a LDAP server (only works with flat role structures)
          RunASLoginModuleCan be stacked with another login module to define the run-as status that they use while they're authenticating, useful if you need to call a secured EJB that's responsible for authenticating users.
          SimpleServerLoginModuleA testing login module that allows any role with a null password to authenticate
          SRPCacheLoginModuleUsed to authenticate users using the Secure Remote Password (SRP) protocol
          SRPLoginModuleUsed by standalone clients that want to authenticate using the SRP protocol
          UsersRolesLoginModule

          Loads user/roles information from property files

           

          Or you can make an new module.

          <application-policy name="my-security-domain">

              <authentication>

               <login-module code=""

               ..........................................

            • Actions
          • 2. Re: JBoss AS: Basic Authentication by remote IP addr
            kalamma1
            kalamma1 Jan 30, 2014 10:16 AM (in response to erasmomarciano)

            Hi

             

            I am using UsersRolesLoginModule and am able to get the authentication to work.

            The site is a development site behind a firewall with external access through a proxy server.

            Two different urls to the site.

             

            My question is if there is a way to detect that the request is coming in from the external url and

            only then show the login prompt. I don't want internal users to have to log in.

             

            Thanks.

              • Actions