3 Replies Latest reply on Jan 5, 2010 9:07 AM by smithaps89

    GateIn Authentication

    smithaps89
    smithaps89 Dec 30, 2009 10:06 AM

      I amtrying to configure the jmx-console to use the same security/authentication as GateIn does.  Basically I do not want users to be able to view the jmx-console unless they are logged into the portal as a user.

       


      I have set up the jmx-console.war/WEB-INF/jboss-web.xml in the jmx-console war to contain the save security domain as the portal.war/WEB-INF/jboss-web.xml.  And I have also placed the security constraints from the portal.war/WEB-INF/web.xml in the jmx-console.war/WEB-INF/jboss-web.xml.  When using the BASIC auth-method I can log in using the defautl root user and password but my authentication is not transferred after I log into the portal which is desired.  Am I needing SSO for this integration? If so is there a way to set it up easily?  Thanks for any help on this issue.  Attached are my jboss-web.xml and web.xml from the jmx-console.war.

       

      Thanks.

      • 3064 Views
      • Tags:
        • 1. Re: GateIn Authentication
          artmunro
          artmunro Jan 4, 2010 3:02 PM (in response to smithaps89)

          Andrew,

           

          We are also configuring SSO using CAS ( http://www.jasig.org/cas ) and the Gatein team has confirmed the working solution.  We have not been successful to date with the SSO configurations.  I was hopeing Beta 4 would solve this issue.

           

           

          If you are successfull feel free to shoot me a message...  If we are successfull we can also enhance documentation for a lessons learned

           

          thanks,

          Art

            • Actions
          • 2. Re: GateIn Authentication
            theute
            theute Jan 5, 2010 7:36 AM (in response to smithaps89)

            Art, note that Andrew's problem is very different.

             

            Andrew, first are you sure you really want to do this ? The JMX console is really developer oriented.

            That said in your case you would indeed need to enable SSO, this can be easily achieved by editing:

            JBOSS_HOME/server/default/deploy/jbossweb.sar/server.xml

             

            You will find this:

            <!--
   <Valve className="org.apache.catalina.authenticator.SingleSignOn" />
-->

             

            Uncomment the valve and you should be good to go

              • Actions
            • 3. Re: GateIn Authentication
              smithaps89
              smithaps89 Jan 5, 2010 9:07 AM (in response to theute)
              That valve was exactly it.  Thanks for the help.
                • Actions