2 Replies Latest reply on Mar 21, 2017 2:52 PM by Asif Mumtaz

    BASIC web authentication in domain configuration for JBoss EAP7

    Asif Mumtaz Newbie

      Hi,

       

      I am trying to configure BASIC authentication for access to an application deployed in JBoss EAP7 in domain mode. I have made the following configurations:

       

      1. Added the following lines in <application EAR file>.ear/<application WAR file>.war/WEB-INF/web.xml file:

                          <security-constraint>

                                 <auth-constraint>

                                      <role-name>myrole</role-name>

                                 </auth-constraint>

                          </security-constraint>

                          <login-config>

                               <auth-method>BASIC</auth-method>

                               <realm-name>Login</realm-name>

                          </login-config>

                          <security-role>

                               <role-name>myrole</role-name>

                          </security-role>

       

      2. Created <application EAR file>.ear/<application WAR file>.war/WEB-INF/jboss-web.xml file with the following contents:

                          <?xml version='1.0' encoding='UTF-8'?>

                               <jboss-web>

                                     <security-domain>myrole</security-domain>

                               </jboss-web>

       

      3. Added the following lines in <JBoss installation directory>/domain/configuration/domain.xml file:

                          <security-domain name="myrole" cache-type="default">

                              <authentication>

                                  <login-module code="UserRoles" flag="required">

                                      <module-option name="rolesProperties" value="${jboss.domain.config.dir}/myrole-roles.properties"/>

                                      <module-option name="usersProperties" value="${jboss.domain.config.dir}/myrole-users.properties"/>

                                  </login-module>

                              </authentication>

                          </security-domain>

      4. Created the <Jboss domain config dir>/myrole-roles.properties file with the following contents:

      myuser=myrole

       

      5. Created the <Jboss domain config dir>/myrole-user.properties file with the following contents:

      myuser=mypassword

       

      With all the above configurations in place, when I am trying to access the application, I still don't get the pop up asking me for username/password. Can someone please suggest what is wrong/missing in my configurations.

       

      Thanks,

      Asif

        • 1. Re: BASIC web authentication in domain configuration for JBoss EAP7
          Martin Choma Expert

          If browser does not popup login/password dialog, that means your web.xml is wrong. And it seems to me you are missing web-resource collection. Something like:

           

             <security-constraint>

                 <web-resource-collection>

                    <web-resource-name>protected</web-resource-name>

                    <url-pattern>/*</url-pattern>

                 </web-resource-collection>

                 <auth-constraint>

                    <role-name>myrole</role-name>

                 </auth-constraint>

             </security-constraint>

          • 2. Re: BASIC web authentication in domain configuration for JBoss EAP7
            Asif Mumtaz Newbie

            Hi Martin,

             

            As suggested by you, I have added the following contents in web.xml file:

                      <security-constraint>

                             <web-resource-collection>

                                  <web-resource-name>All resources</web-resource-name>

                                  <description>Protects all resources</description>

                                  <url-pattern>/*</url-pattern>

                             </web-resource-collection>

                             <auth-constraint>

                                  <role-name>myrole</role-name>

                             </auth-constraint>

                   </security-constraint>

                   <login-config>

                             <auth-method>BASIC</auth-method>

                             <realm-name>Login</realm-name>

                   </login-config>

                   <security-role>

                             <role-name>myrole</role-name>

                   </security-role>

             

            Now I am getting the pop-up to enter username/password. However, when I provide the username as myuser and password as mypassword, it does not allow me in. Instead, the pop up comes back asking me to enter the login credentials again. After entering the credentials 3-4 times, it shows a message "Unauthorized" in the browser.

             

            Can you suggest what is going wrong with this setup.

             

            Thanks,

            Asif