Hi,

I am migrating an application from Websphere to JBoss. The application is using servlet filter for  BASIC authentication(ask for id/pwd), works well in websphere. My standalone.xml defined as :

<security-realms>

            <security-realm name="ManagementRealm">

                <authentication>

                    <local default-user="$local"/>

                    <properties path="mgmt-users.properties" relative-to="jboss.server.config.dir"/>

                </authentication>

            </security-realm>

            <security-realm name="ApplicationRealm">

                <authentication>

                    <jaas name="myauth"/>

                </authentication>

            </security-realm>

        </security-realms>

I found that JBOSS will first calls security domain "other", then calls myauth in ApplicationRealm, then calls security doamin defined in jboss-web.xml.

My question is:

How should I define the security domain in standalone.xml which will be used in jboss-web.xml, actually use my servlet filter to authentication.