2 Replies Latest reply on Jun 12, 2014 3:25 PM by Eric Sauer

    UsersRolesLoginModule now requires files to be included in app ?

    Dana Mison Newbie

      Using  org.jboss.security.auth.spi.UsersRolesLoginModule under JBoss AS 5 & 6 the properties files where located relative to the jboss-as/server/PROFILE/conf/ directory.

       

        <application-policy name="app-dev">
          <authentication>
            <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="required">
              <module-option name="usersProperties">props/app-users.properties</module-option>
              <module-option name="rolesProperties">props/app-roles.properties</module-option>
            </login-module>
          </authentication>
        </application-policy>
      

       

      Under AS7 however it seems you must now include these files in the app itself, i.e. app.war/WEB-INF/props/

       

      This seems a little strange to me. Is this an oversight?  Is there a recommended way to specify a non-app specific location ?

        • 1. Re: UsersRolesLoginModule now requires files to be included in app ?
          jaikiran pai Master

          UsersRolesLoginModule has always looked for the properties file in the classpath. In previous versions of AS, the JBOSS_HOME/server/<servername>/conf was on classpath, so you could put your properties there. In AS7 there is no such place, hence you need to package them within the application which makes it available in the classpath.

          • 2. Re: Re: UsersRolesLoginModule now requires files to be included in app ?
            Eric Sauer Newbie

            I see this is an old post, but since I came across it while troubleshooting a similar issue...

             

            You can alternatively specify a properties file absolute path using the 'file://' notation. For example, my security domains look something like:

             

                            <security-domain name="JBossWS" cache-type="default">
                                <authentication>
                                    <login-module code="UsersRoles" flag="required">
                                        <module-option name="usersProperties" value="file://${jboss.server.config.dir}/jbossws-users.properties"/>
                                        <module-option name="rolesProperties" value="file://${jboss.server.config.dir}/jbossws-roles.properties"/>
                                        <module-option name="unauthenticatedIdentity" value="anonymous"/>
                                    </login-module>
                                </authentication>
                            </security-domain>