1 Reply Latest reply on Jan 6, 2012 5:45 PM by twic

    Configuring IdentityLoginModule in JBoss AS

    oeuftete

      I have a web application that I am trying to access in JBoss using the IdentityLoginModule.  It seems like it should be straightforward, but I am having problems.

       

      I have added the following <application-policy> in login-config.xml:

       

          <application-policy name="demo">
              <authentication>
                  <login-module code="org.jboss.security.auth.spi.IdentityLoginModule"
                               flag="required">
                      <module-option name="principal">bfranklin</module-option>
                      <module-option name="roles">user</module-option>
                  </login-module>
              </authentication>
          </application-policy>

       

      From my understanding, any successful login with this policy should result in the user being logged in as the user "bfranklin".

       

      Now I log into my application as "mtwain".  I would have expected the actual login to be "bfranklin" when the application main page loads, but it ends up being "mtwain". The application retrieves the logged in user via GetRemoteUser and displays it on that page. And it displays "mtwain".

       

      I have confirmed that the getIdentity method is in fact returning "bfranklin".

       

      Am I missing something here?  Is there somethine else that needs to be configured?

       

      Thanks,

       

      -- Greg

        • 1. Re: Configuring IdentityLoginModule in JBoss AS
          twic

          I don't see this behaviour.

           

          I've written a small webapp to experiment with authentication; at one point, it was using the Identity login module. See (note that this is not the tip r revision):

           

          https://bitbucket.org/twic/jaasdemowebapp/src/49da1063bb2b/

           

          If i start that and hit the JAASServlet, entering any username and password i like, then it prints output like:

           

          <pre>

          22:24:56,916 INFO  [li.earth.urchin.twic.web.JAASServlet] (http--127.0.0.1-8080-1) Servlet: user = guest

          22:24:56,916 INFO  [li.earth.urchin.twic.web.JAASServlet] (http--127.0.0.1-8080-1) Servlet: isUserInRole(User) = true

          22:24:56,917 INFO  [li.earth.urchin.twic.web.JAASServlet] (http--127.0.0.1-8080-1) Servlet: isUserInRole(NoSuchRole) = false

          22:24:56,917 INFO  [li.earth.urchin.twic.web.JAASServlet] (http--127.0.0.1-8080-1) Servlet: principal = guest

          </pre>

           

          If you want to try that code, check it out, install Ivy, set up an ivysettings.xml that suits you, define an IVY_HOME environment variable to point to the directory where the Ivy jars are, and an IVY_SETTINGS environment variableto point to the ivysettings.xml, run get-dependencies.sh to download the libraries, compile the code from src into deployments/jaas-demo.war/WEB-INF/classes, run build-server.sh, then either copy the whole lot into $JBOSS_HOME/standalone and start JBoss, or start it some other way.