2 Replies Latest reply on Jan 30, 2014 10:16 AM by Mark Kalamaridis

    JBoss AS: Basic Authentication by remote IP addr

    Mark Kalamaridis Newbie

      Is it possible to set up Basic Authentication on JBoss AS 5 for requests coming in from a specific IP addr?

      We have an internal development site that can also be accessed externally through a proxy server. I'd only like to authenticate those coming from the proxy.

      I had no problem setting up the Basic Authentication part. I just need to know how to do the IP check.

      Any help would be appreciated. Thanks!

        • 1. Re: JBoss AS: Basic Authentication by remote IP addr
          erasmo2 marciano2 Master

          Hi

          You can use these modules  login-config.xml

           

          BaseCertLoginModuleAuthenticates client certificates, must be stacked with another login module that does authorization
          CertRolesLoginModuleAn extension of BaseCertLoginModule that authenticates against client certificates and authorizes against properties files
          ClientLoginModulesUsed by standalone clients that want to log into a secure server
          DatabaseCertLoginModuleAn extension of BaseCertLoginModule that authenticates against client certificates and authorizes against a database
          DatabaseServerLoginModuleLoads user/role information from a database
          IndentityLoginModulea testing login module that causes all users to authenticate with the same credentials
          LdapExtLoginModuleLoads user/roles information from a LDAP server (supports hierarchical role structure)
          ldapLoginModuleLoads user/roles information from a LDAP server (only works with flat role structures)
          RunASLoginModuleCan be stacked with another login module to define the run-as status that they use while they're authenticating, useful if you need to call a secured EJB that's responsible for authenticating users.
          SimpleServerLoginModuleA testing login module that allows any role with a null password to authenticate
          SRPCacheLoginModuleUsed to authenticate users using the Secure Remote Password (SRP) protocol
          SRPLoginModuleUsed by standalone clients that want to authenticate using the SRP protocol
          UsersRolesLoginModule

          Loads user/roles information from property files

           

          Or you can make an new module.

          <application-policy name="my-security-domain">

              <authentication>

               <login-module code=""

               ..........................................

          • 2. Re: JBoss AS: Basic Authentication by remote IP addr
            Mark Kalamaridis Newbie

            Hi

             

            I am using UsersRolesLoginModule and am able to get the authentication to work.

            The site is a development site behind a firewall with external access through a proxy server.

            Two different urls to the site.

             

            My question is if there is a way to detect that the request is coming in from the external url and

            only then show the login prompt. I don't want internal users to have to log in.

             

            Thanks.