3 Replies Latest reply on Nov 14, 2013 4:20 AM by Horia Chiorean

    about Modeshape3.6 user login problem

    xu xiaomo Newbie

      I am working on JbossEAP6.1.X and Modeshape3.6 . I discoverd , all of users have to regist in role*..proerties and userxx.properties file in EAP folder , if no , I only get a "Anonymous" by the mothod: session.getUserID.

      But now, I want to get any userID without configuration of xxx.properties file. for example: user name : matrix . login repository DNA .but not add it in role.properties file , as well as I can get "matrix" by "session.getUserID"


        • 1. Re: about Modeshape3.6 user login problem
          Horia Chiorean Master

          ModeShape does not have something built-in for this. It does have a configuration attribute called "anonymous-username" which it will use that for *all* unauthenticated users, which I don't think is what you're after.


          One thing you can try is to have a look/updated ModeShape's <security-domain name="modeshape-security" cache-type="default"> (from the EAP config). By default, this only uses a UsersRoles login module which requires the .properties files you mentioned. You can try to change/add another login-module to it, which doesn't use properties files and which will basically authenticate all users and assign them a dummy role (e.g. guest). This way each user will appear as authenticated and its own username will be returned.


          You can find more information about the available login modules in EAP here: JBoss AS7 : Security Domain Model

          • 2. Re: about Modeshape3.6 user login problem
            xu xiaomo Newbie

            Would you like to give me a guide or some sample?Thank you very much

            • 3. Re: about Modeshape3.6 user login problem
              Horia Chiorean Master

              You can try something like:


                           <security-domain name="modeshape-security" cache-type="default">


                                      <login-module code="UsersRoles" flag="required">

                                          <module-option name="usersProperties" value="${jboss.server.config.dir}/modeshape-users.properties"/>

                                          <module-option name="rolesProperties" value="${jboss.server.config.dir}/modeshape-roles.properties"/>


                                    <login-module code="org.jboss.security.ClientLoginModule" flag="required" ></login-module> 



              I'm not sure it will work like this out-of-the-box, but you can investigate further. Also look at http://docs.jboss.org/jbosssecurity/docs/6.0/security_guide/html/Login_Modules.htm

              1 of 1 people found this helpful