1 Reply Latest reply on Oct 9, 2014 1:38 AM by jaikiran

security-domain does not work when war file is embedded in the ear file.

faridadhami Oct 8, 2014 1:29 PM

I have a web application as a war file that is embedded in a ear file and deployed on EAP-6.2.0.GA, but the security does not work as expected. The security of web application works as expected when deployed out side of the ear file,directly in EAP. But when war is embedded in an ear file, the security does not work. the ear file is deployed without any error and I can browse the first page of the web app. but when I try to login, it fails with the following error:

Caused by: javax.servlet.ServletException: JBWEB000053: Failed to authenticate a principal

The content of /WEB-INF/jboss-web.xml inside the war file is like this

<jboss-web>

<context-root>m2m/admin</context-root>

<security-domain>m2m-admin</security-domain>

</jboss-web>

the security domain in standalone xml file is like this:

<security-domain name="m2m-admin">

<login-module code="UsersRoles" flag="required">

<module-option name="usersProperties" value="${jboss.server.config.dir}/m2madmin-users.properties"/>

<module-option name="rolesProperties" value="${jboss.server.config.dir}/m2madmin-roles.properties"/>

</login-module>

</authentication>

</security-domain>

So is there something I need to change in security-domain when the war is included in ear file?

Thanks

Farid

1. Re: security-domain does not work when war file is embedded in the ear file.

jaikiran Oct 9, 2014 1:38 AM (in response to faridadhami)
Can you enable TRACE level logging of the security packages and see which security-domain is being picked up for authentication, when the .war is embedded in the .ear? Have you tried using a jboss-app.xml in the .ear/META-INF folder with a security domain as follows:

<jboss-app> <security-domain>m2m-admin</security-domain> </jboss-app>

Does that get you past this issue?
Actions