9 Replies Latest reply on Mar 5, 2014 12:52 AM by rituraj

Simple sample basic authentication

fsoares Jan 15, 2014 6:24 AM

Hello

After read several times the wildfly documentation about security realms I think that a working example will be fine.

I saw these in the standalone.xml:

<security-realm name="ApplicationRealm">

<authentication>

<local default-user="$local" allowed-users="*"/>

<properties path="application-users.properties" relative-to="jboss.server.config.dir"/>

</authentication>

<authorization>

<properties path="application-roles.properties" relative-to="jboss.server.config.dir"/>

</authorization>

</security-realm>

and I think that I can add users and roles with add-user.sh

My problem is how to map these to the web.xml of my app.

<security-constraint>

<web-resource-collection>

<web-resource-name>Viz Data Proxy</web-resource-name>

<url-pattern>*.html</url-pattern>

<http-method>GET</http-method>

<http-method>POST</http-method>

</web-resource-collection>

<auth-constraint>

<role-name>vizadmin</role-name>

</auth-constraint>

</security-constraint>

<login-config>

<auth-method>BASIC</auth-method>

<realm-name>file</realm-name>

</login-config>

<security-role>

<role-name>vizadmin</role-name>

</security-role>

These is a working sample with glassfish.

Can someone help me?

1. Re: Simple sample basic authentication

ybxiang.china Jan 15, 2014 10:11 PM (in response to fsoares)

JBoss AS 7.2.0 - Java EE application development - 05.How to configure Security domain and JAAS - part.1
Actions
2. Re: Simple sample basic authentication

fsoares Jan 16, 2014 8:38 AM (in response to ybxiang.china)

Well I was talking about wildfly CR1.
And after I read all the posts about the subject I think no one knows how to do it.
It's a big confusion.
In standalone.xml you have a "subsystem xmlns="urn:jboss:domain:security:1.2"
A lot of samples indicate that the way to go its with something like:

<security-domain name="VizTVI">
                    <authentication>
                        <login-module code="UsersRoles" flag="required">
                            <module-option name="usersProperties" value="${jboss.server.config.dir}/defaultUsers.properties"/>
                            <module-option name="rolesProperties" value="${jboss.server.config.dir}/"/>
                        </login-module>
                    </authentication>
                </security-domain>
in the <security-domains>...</security-domains> section
But when I try to login the server.log gives these:
Failed to open properties file from URL: java.net.MalformedURLException: no protocol: /app/wildfly-8.0.0.CR1/standalone/configuration/defaultUsers.properties
And of course the file exists...
I give up. I will go back to glassfish.
Actions
3. Re: Simple sample basic authentication

ybxiang.china Jan 16, 2014 10:00 PM (in response to fsoares)

And after I read all the posts about the subject I think no one knows how to do it.
~~~I think many guys know. Is NOT above article enough? Why do you want to save your JAAS info in files? Why not save it in DB as above article described?
I think you will save your JAAS info. in DB sooner or later.

If you study above article and JBoss AS 7.2.0 - Example - EJB over SSL, you will understand JAAS better.
Many of my friends in China learned this article and solved their JAAS problem soon.

JBOss AS 7+ (wildfly 8) changed too much, so you need to study its userguide, wiki(Documentation - JBoss AS 7.1 - Project Documentation Editor) and examples (ZIP).
wildfly 8 is NOT released officially, I think you had better use JBoss AS 7.2.0.

Please do NOT give up so fast!
I will help you.
Actions
4. Re: Simple sample basic authentication

ybxiang.china Jan 16, 2014 9:57 PM (in response to fsoares)

More over, about article is suitable to Wildfly-8 CR1 too.
I have migrated two of my products to Wildfly-8 CR1. They work well, except two bug:
(a) https://hibernate.atlassian.net/browse/HHH-8817
(b) WildFly8-CR1 can NOT deploy web app with too many static files successfully.
Actions
5. Re: Simple sample basic authentication

fsoares Jan 17, 2014 6:00 AM (in response to ybxiang.china)

Hello xiang.
The application I try to migrate it's a internal one, with only one user. It's overkill try to put the users in a db.
For that kind of security (many users and roles) I use things like Spring Security or Shiro with SSO.
Really the most exciting thing with wildfly 8 is undertow and the possibly to have only one platform to high concurrency nonblocking like node.js and EJB to implement thinks like backoffices with primefaces and so on.
I will wait for a release and more samples.
Thanks for your help.
Actions
6. Re: Simple sample basic authentication

ybxiang.china Jan 17, 2014 6:24 AM (in response to fsoares)

The application I try to migrate it's a internal one, with only one user. It's overkill try to put the users in a db.
~~~~The theory is the same. Saving JAAS Info. in properties files is simpler.

Really the most exciting thing with wildfly 8 is undertow and the possibly to have only one platform to high concurrency nonblocking like node.js and EJB to implement thinks like backoffices with primefaces and so on.
~~~Another feature is important too: port multiplex. With wildfly 8, JMS/EJB/WEB can share one port, for example 80 or 8080.
Actions
7. Re: Simple sample basic authentication

ybxiang.china Jan 17, 2014 6:30 AM (in response to fsoares)

<module-option name="usersProperties" value="${jboss.server.config.dir}/defaultUsers.properties"/>
...
Failed to open properties file from URL: java.net.MalformedURLException: no protocol: /app/wildfly-8.0.0.CR1/standalone/configuration/defaultUsers.properties

~~~~~~ Please try <module-option name="usersProperties" value="defaultUsers.properties"/> directly. The log is very clear.
Have you read this article: JBoss AS7: Security : Custom Login Modules ???
Actions
8. Re: Simple sample basic authentication

ybxiang.china Jan 17, 2014 6:41 AM (in response to fsoares)

I will wait for a release and more samples.
~~~~Yes.You had better use official release, If NOT, you will get frustrated sometimes.

But you can learn jboss as 7 now. Most examples for JBoss AS 7 are suitable to wildfly8 too. Please refer to the quick start: JBoss Application Server Downloads - JBoss Communit

JBoss AS 7.2.0 is excellent! There are many articles and discussion about it: https://community.jboss.org/en/jbossas7/content?filterID=contentstatus%5bpublished%5d~objecttype~objecttype%5bthread%5d

Now, it seems that many developers are on holiday, so it's 'cold' here.
Actions
9. Re: Simple sample basic authentication

rituraj Mar 5, 2014 12:52 AM (in response to ybxiang.china)

Hi Xiang,

i have worked with jboss7.2.0 as well but got stuck in one of the clustering issues....didn't got any response on it ...
clustering issues while migrating from 7.1.3 to 7.2.0

Thanks
RIturaj
Actions

Go to original post