1 Reply Latest reply on Apr 19, 2006 11:29 AM by mholzner

    How to secure different portal instances

    Siarhei Bidun Newbie

      Hi everybody.
      Can anybody help me with a portal security issue?

      The question is how to secure different portal instances with different security domains.

      For an example I took JBoss demo portal as it is.
      Then I have deployed "helloworldportal.war" (mentioned in portal documentation) under "jboss-portal.sar" directory.

      Demo portal uses the following security domain (specified in jboss-web.xml file under "portal-server.war"/WEB-INF dir):

      For "helloworldportal.war" portal I want to use different security domain.
      I have defined "application-policy" in login-config.xml file:
      <application-policy name="testportal">

      And in the file helloworldportal.war/WEB-INF/jboss-web.xml have specified security domain:
      Also for "helloworldportal.war" portal have specified security constraints (in helloworldportal.war/WEB-INF/web.xml file):

      <realm-name>JBoss Portal</realm-name>

      Now when I go to url:


      nothing happens - my security constraints are ignored.
      Could somebody hint what is wrong or how to solve the issue?

      Thanks in advance,
      Siarhei Baidun