-
1. Re: Windows login name only
ndipiazza Mar 7, 2012 2:22 PM (in response to dnorris)Here is a related post: https://community.jboss.org/message/138234#138234
Not something that is well documented but there is a link here that may help you.
-
2. Re: Windows login name only
dnorris Mar 8, 2012 9:43 AM (in response to ndipiazza)I had come across that in my search too. However, it talks about putting libraries in the web app. If I'm going to do that I will use waffle - which works by the way. I want to use libraries already in jboss 7 modules. If I cannot do simple NTLM to get the windows login using libraries jboss comes with then I would like to add waffle to jboss as a new module. I had some but not complete success with that.
-
3. Re: Windows login name only
ctomc Mar 8, 2012 10:03 AM (in response to dnorris)Hi,
and what is the problem you have when using lib's jboss comes with?
how does your application looks like? how do you reference jbosses modules?
what is the exception if any?
--
tomaz
-
4. Re: Windows login name only
dnorris Mar 8, 2012 10:12 AM (in response to ctomc)My main problem in using supplied jboss libs is: I don't fully know how. I don't want to set up a security domain.
I'm comparing this to waffle which uses NTLM negotiation. With it you put the libs in the web app, set up a filter and create jave code to get the login.
I want waffle-like functionality using supplied jboss libs. No kerberos, just NTLM.
-
5. Re: Windows login name only
ctomc Mar 8, 2012 10:20 AM (in response to dnorris)can you be more specific?
What are the supplied jboss libs you are refering to? you mean picket box? or something else?
-
6. Re: Windows login name only
dnorris Mar 8, 2012 10:36 AM (in response to ctomc)Part of the problem is I don't know enough about it to know exactly what I need.
I found libs in \modules\org\jboss\security\negotiation\main\ that look like what I want.
jboss-negotiation-common-2.2.0.SP1.jar
jboss-negotiation-ntlm-2.2.0.SP1.jar
But I don't know if/how I can set up a filter in the web app and get the windows login via ntlm.
Picketbox and picketlink are even more mysterious to me - never heard of them before.
So, given that I only want the windows login using NTLM:
My first question is: Which jboss libraries to use.
Second is how to use them.
-
7. Re: Windows login name only
dnorris Mar 8, 2012 1:04 PM (in response to dnorris)1 of 1 people found this helpfulFor others interested, I gave up on using jboss supplied libraries for now.
I was able to set up waffle ntlm as a jboss module. So now the waffle jars are in jboss and not in every web application that uses it.
The hardest part was figuring out the dependencies in module.xml. In short do this:
- under \modules\ add waffle\main
- put waffle files in main folder:
- jna.jar
- platform.jar
- waffle-jna.jar
- in main create file: module.xml
<module xmlns="urn:jboss:module:1.1" name="waffle">
<resources>
<resource-root path="waffle-jna.jar"/>
<resource-root path="jna.jar"/>
<resource-root path="platform.jar"/>
</resources>
<!-- quava is already on jboss so just point to it. -->
<!-- commons logging is sort of on jboss so just point to it. -->
<!-- It actually points to org.slf4j.jcl-over-slf4j. -->
<dependencies>
<module name="javax.servlet.api"/>
<module name="com.google.guava"/>
<module name="org.apache.commons.logging"/>
<module name="sun.jdk"/>
</dependencies>
</module>
- Edit \modules\sun\jdk\main\module.xml
<dependencies>
<system export="true">
<paths>
Add this
<path name="javax/security/auth"/>
At this point you can use waffle ntlm in the usual way with a filter in web.xml and a class to get the login name.
-
8. Re: Windows login name only
sidde3 Jun 22, 2016 10:15 AM (in response to dnorris)Hello All,
I want to configure Jboss Security domain with local OS, so that user and password will be taken from local operating system.
Hope this is possible using waffle, but not able to understand how to configure the security domain.
Thanks!
Regards,
Siddhartha