-
1. Re: Securing a Web application with AS7
mmoyses Aug 24, 2011 11:09 AM (in response to developer251)You need to add a security-domain element in standalone.xml under the security subsystem. It will look something like:
<security-domain name="myLogin" cache-type="default">
<authentication>
<login-module code="Database" flag="required">
<module-option name="dsJndiName" value="java:/OracleDS"/>
<module-option name="principalsQuery" value="select passwd from USERS where login=?"/>
<module-option name="rolesQuery" value="select role, 'Roles' from USER_ROLES where login=?"/>
</login-module>
</authentication>
</security-domain>
-
2. Re: Securing a Web application with AS7
developer251 Aug 25, 2011 2:44 AM (in response to mmoyses)Thank you very much, it works.
I was able to run clear text password authorization. The only thing I wasn't able to, is using my earlier encrypted passwords. With JBoss 5 I used to add this to my login module:
<module-option name="hashAlgorithm" value="MD5" /> <module-option name="hashEncoding" valu="BASE64" /> Anybody knows if encrypted password still work in AS 7 ?
Thanks
Max
-
3. Re: Securing a Web application with AS7
mmoyses Aug 25, 2011 8:37 AM (in response to developer251)Encryption works the same way in AS7. Check this thread: http://community.jboss.org/message/621315