3 Replies Latest reply on Mar 5, 2013 8:31 AM by Urs Rothenhäusler

    Authentication not working in Web-app (JBosss 7.1.1)

    Urs Rothenhäusler Newbie

      Hello,

      in my Enterprise/Rest-App which includes a war, authentication is not working. No error is thrown, I can access everything. My conf is as follows:

       

      standalone-full.xml:

      <security-domain name="migtoolpolicy" cache-type="default">

                          <authentication>

      <login-module code="UsersRoles" flag="required">

                                  <module-option name="usersProperties" value="${jboss.server.config.dir}/application-users.properties"/>

                                  <module-option name="rolesProperties" value="${jboss.server.config.dir}/application-roles.properties"/>

          </login-module>

      </authentication>

      </security-domain>

       

      web.xml:

      ...

      <servlet-mapping>

              <servlet-name>javax.ws.rs.core.Application</servlet-name>

              <url-pattern>/rest/*</url-pattern>

          </servlet-mapping>

      <login-config>

              <auth-method>BASIC</auth-method>

              <realm-name>migtoolpolicy</realm-name>

          </login-config>

          <security-constraint>

              <web-resource-collection>

                  <web-resource-name>Restricted to Secure role</web-resource-name>

                  <description>Declarative security</description>

                  <url-pattern>/*</url-pattern>

                  <http-method>HEAD</http-method>

                  <http-method>GET</http-method>

                  <http-method>POST</http-method>

              </web-resource-collection>

          </security-constraint>

         

          <!-- Allowed Roles -->

          <security-role>

              <role-name>userrole</role-name>

          </security-role>

       

      jboss-web.xml:

      <jboss-web>

          <context-root>migtool</context-root>

          <security-domain>migtool</security-domain>

      </jboss-web>