0 Replies Latest reply on May 22, 2013 4:56 AM by sirair airsir

    JAAS in JBOSS 6 config

    sirair airsir Newbie

      Hello,

       

      I want to use a LoginModule " UsersRolesLoginModule" which is already integrated in JBOSS. But I dont know how to configure it.

       

      I have adapted the login-config.xml :

       

      <application-policy name="jaasTest">

          <authentication>

            <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"

              flag="required">

              <module-option name="usersProperties">users.properties</module-option>

              <module-option name="rolesProperties">roles.properties</module-option>

            </login-module>

          </authentication>

        </application-policy>

       

       

       

      Here is my web.xml:


      <web-app>

       

        <security-constraint>

          <web-resource-collection>

            <web-resource-name>Admin</web-resource-name>

            <url-pattern>/admin/*</url-pattern>

          </web-resource-collection>

          <auth-constraint>

            <role-name>ADMIN</role-name>

          </auth-constraint>

        </security-constraint>

       

        <login-config>

          <auth-method>BASIC</auth-method>

        </login-config>

       

        <security-role>

          <role-name>ADMIN</role-name>

        </security-role>

       

      </web-app>


       

      Under WebContent there is a folder admin. All subfiles or directories requires an authentication.

      So where I name in the config that it takes the policy "jaasTest"?

      When I need the server.xml?