0 Replies Latest reply on May 20, 2014 2:35 AM by Xu Hua Li

    How to configure EAP6.1 to use servlet filter for authentication

    Xu Hua Li Newbie

      Hi,

       

      I am migrating an application from Websphere to JBoss. The application is using servlet filter for  BASIC authentication(ask for id/pwd), works well in websphere. My standalone.xml defined as :

      <security-realms>

                  <security-realm name="ManagementRealm">

                      <authentication>

                          <local default-user="$local"/>

                          <properties path="mgmt-users.properties" relative-to="jboss.server.config.dir"/>

                      </authentication>

                  </security-realm>

                  <security-realm name="ApplicationRealm">

                      <authentication>

                          <jaas name="myauth"/>

                      </authentication>

                  </security-realm>

              </security-realms>

       

      I found that JBOSS will first calls security domain "other", then calls myauth in ApplicationRealm, then calls security doamin defined in jboss-web.xml.

      My question is:

      How should I define the security domain in standalone.xml which will be used in jboss-web.xml, actually use my servlet filter to authentication.