Hello,

I want to use a LoginModule " UsersRolesLoginModule" which is already integrated in JBOSS. But I dont know how to configure it.

I have adapted the login-config.xml :

<application-policy name="jaasTest">

    <authentication>

      <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"

        flag="required">

        <module-option name="usersProperties">users.properties</module-option>

        <module-option name="rolesProperties">roles.properties</module-option>

      </login-module>

    </authentication>

  </application-policy>

Here is my web.xml:

<web-app>

  <security-constraint>

    <web-resource-collection>

      <web-resource-name>Admin</web-resource-name>

      <url-pattern>/admin/*</url-pattern>

    </web-resource-collection>

    <auth-constraint>

      <role-name>ADMIN</role-name>

    </auth-constraint>

  </security-constraint>

  <login-config>

    <auth-method>BASIC</auth-method>

  </login-config>

  <security-role>

    <role-name>ADMIN</role-name>

  </security-role>

</web-app>

Under WebContent there is a folder admin. All subfiles or directories requires an authentication.

So where I name in the config that it takes the policy "jaasTest"?

When I need the server.xml?