0 Replies Latest reply on Sep 30, 2013 3:22 AM by lovin agarwal

    Global valve not getting invoked in JBoss EAP 6.1

    lovin agarwal Newbie

      JBoss EAP 6.1


      I have defined valve @global level in standalone.xml as below

      <subsystem xmlns="urn:jboss:domain:web:1.4" default-virtual-server="default-host" native="false">

                 

                <valve name ="myvalve" module="mymodule" class-name="oracle.security.am.agent.common.authenticator.OAMAuthenticatorValve" >

                     <param param-name="configFile" param-value="/scratch/lovagarw/jboss/oam_config.properties"/>    

           </valve>

       

                  <connector name="http" protocol="HTTP/1.1" scheme="http" socket-binding="http"/>

                  <virtual-server name="default-host" enable-welcome-root="true">

                      <alias name="localhost"/>

                      <alias name="example.com"/>

                  </virtual-server>

              </subsystem>

       

      And defined module as global module which can be used by all APPs

      <subsystem xmlns="urn:jboss:domain:ee:1.1">

      <global-modules>

                      <module name="mymodule" slot="main"/>

                  </global-modules>

       

                  <spec-descriptor-property-replacement>false</spec-descriptor-property-replacement>

                  <jboss-descriptor-property-replacement>true</jboss-descriptor-property-replacement>

              </subsystem>

       

      Now if i protect my web application, then default authentication gets popped up instead of invoking my valve.  I am in assumption, to use global valve there is no need to configure jboss-web.xml in my deployed app.

       

      web.xml

      <login-config>

        <auth-method>BASIC</auth-method>

        </login-config>

        <security-constraint> 

              <web-resource-collection>   

                          <web-resource-name/>  

                          <url-pattern>/*</url-pattern>   

                  </web-resource-collection> 

                   <auth-constraint>

                          <description/>

                          <role-name>Administrators</role-name> 

                  </auth-constraint> 

                 <user-data-constraint >   

                          <transport-guarantee>NONE</transport-guarantee> 

                  </user-data-constraint>

        </security-constraint>

        <security-role>

              <role-name>Administrators</role-name>

          </security-role>

       

       

      any pointers?