0 Replies Latest reply on Apr 16, 2013 3:12 PM by klind

    security-domain login-module

    klind Newbie

      Hi, I have a few questions about security in AS 7.1.1...

       

      What is the

      login-module code="Remoting"
      

      used for ?

       

      Also anyone a good explanation of the

      password-stacking
      

       

      How does the order in which the login modules are declared affect the login ?

      I had an example where I had a two

      login-module code="Database"
      

      and one

      login-module code="UsersRoles"
      

       

      When declaring the UserRoles at the top, the login did not work for users in the daabase, but did work for users in the files

       

                               <login-module code="Remoting" flag="optional">
                                  <module-option name="password-stacking" value="useFirstPass"/>
                              </login-module>
                               <login-module code="UsersRoles" flag="required">
                                  <module-option name="usersProperties" value="${jboss.server.config.dir}/application-users.properties"/>
                                  <module-option name="rolesProperties" value="${jboss.server.config.dir}/application-roles.properties"/>
                                  <module-option name="password-stacking" value="useFirstPass"/>
                              </login-module>
                              <login-module code="Database" flag="sufficient">
                                  <module-option name="dsJndiName" value="java:jboss/jsi/JSIXADataSource"/>
                                  <module-option name="principalsQuery" value="select encode(hashed_key, 'hex') from print_provider where unique_name=?"/>
                                  <module-option name="rolesQuery" value="select 'jsitoolsprovider', 'Roles' from print_provider where unique_name=?"/>
                                  <module-option name="hashAlgorithm" value="SHA-512"/>
                                  <module-option name="hashEncoding" value="hex"/>
                              </login-module>
                              <login-module code="Database" flag="sufficient">
                                  <module-option name="dsJndiName" value="java:jboss/jsi/JSIXADataSource"/>
                                  <module-option name="principalsQuery" value="select encode(hashed_key, 'hex') from print_customer where unique_name=?"/>
                                  <module-option name="rolesQuery" value="select 'jsitoolscustomer', 'Roles' from print_customer where unique_name=?"/>
                                  <module-option name="hashAlgorithm" value="SHA-512"/>
                                  <module-option name="hashEncoding" value="hex"/>
                              </login-module>                    
      

       

      When moving the UserRoles to the buttom is did work for both users...

       

                              <login-module code="Remoting" flag="optional">
                                  <module-option name="password-stacking" value="useFirstPass"/>
                              </login-module>
                              <login-module code="Database" flag="sufficient">
                                  <module-option name="dsJndiName" value="java:jboss/jsi/JSIXADataSource"/>
                                  <module-option name="principalsQuery" value="select encode(hashed_key, 'hex') from print_provider where unique_name=?"/>
                                  <module-option name="rolesQuery" value="select 'jsitoolsprovider', 'Roles' from print_provider where unique_name=?"/>
                                  <module-option name="hashAlgorithm" value="SHA-512"/>
                                  <module-option name="hashEncoding" value="hex"/>
                              </login-module>
                              <login-module code="Database" flag="sufficient">
                                  <module-option name="dsJndiName" value="java:jboss/jsi/JSIXADataSource"/>
                                  <module-option name="principalsQuery" value="select encode(hashed_key, 'hex') from print_customer where unique_name=?"/>
                                  <module-option name="rolesQuery" value="select 'jsitoolscustomer', 'Roles' from print_customer where unique_name=?"/>
                                  <module-option name="hashAlgorithm" value="SHA-512"/>
                                  <module-option name="hashEncoding" value="hex"/>
                              </login-module>
                              <login-module code="UsersRoles" flag="required">
                                  <module-option name="usersProperties" value="${jboss.server.config.dir}/application-users.properties"/>
                                  <module-option name="rolesProperties" value="${jboss.server.config.dir}/application-roles.properties"/>
                                  <module-option name="password-stacking" value="useFirstPass"/>
                              </login-module>