1 Reply Latest reply on Jun 26, 2002 11:50 AM by Robert Spychala

    how to setup simple realm hadling with JBoss-2.4.4 / Catalin

    Christoph Grimm Newbie

      I don't know wherelese to post, so I'll put this here
      TOPIC: HowTo for setting up simple authentication with JBoss 2.4.4 and integrated Catalina 4.0x

      1. set up the standard definitions in the web.xml deployment descriptor as specified in sun's servlet specification

      example for for restricting the whole webapp content to authenticated users:
      used role: my_role

      <web-app>
      ...
      <security-constraint>
      <web-resource-collection>
      <web-resource-name>alldocs</web-resource-name>
      <url-pattern>/*</url-pattern>
      <http-method>GET</http-method>
      <http-method>POST</http-method>
      </web-resource-collection>
      <auth-constraint>
      <role-name>my_role</role-name>
      </auth-constraint>
      <user-data-constraint>
      <transport-guarantee>NONE</transport-guarantee>
      </user-data-constraint>
      </security-constraint>
      <login-config>
      <auth-method>BASIC</auth-method>
      <realm-name>My Realm Name</realm-name>
      </login-config>
      <security-role>
      My Role Description
      <role-name>my_role</role-name>
      </security-role>
      ...
      </web-app>

      the <realm-name> element does not matter at all for our config, give it anything you want

      2. add the jboss-web.xml deployment descriptor
      additionally to the web.xml deployment descriptor you need a jboss-specific deployment descriptor named jboss-web.xml, that you put in the WEB-INF directory.
      in this you specify, which security domain you want to use:
      for our example, we use a security domain called "other" for which the
      jboss distribution already provides the appropriate definitions

      put the following into the jboss-web.xml file:

      <?xml version="1.0" encoding="ISO-8859-1"?>
      <jboss-web>
      <security-domain>java:/jaas/other</security-domain>
      </jboss-web>

      3. specifiy the user name(s) and role(s)
      a) in the jboss/conf/catalina directory create a file named "users.properties"
      into this put your user names in the form =

      example:
      appuser=joshua

      so we have a user called appuser with password joshua

      b) in the jboss/conf/catalina directory create a file named "roles.properties"
      for each of your user names put in an entry in the form =[,]

      in our example we use only one role called my_role, we also have only one user called appuser, so our roles.properties file also contains only one entry:

      appuser=my_role

      4. start your jboss server
      when you now try to access your web-content, the browser should display a popup-dialog in which
      you must enter "appuser" as your username and "joshua" as your password

      6. summary of necessary steps

      - set up your web.xml descriptor
      - set up the jboss-web.xml descriptior
      - set up the users.properties file in jboss/conf/catalina
      - set up the roles.properties file in jboss/conf/catalina
      - start your jboss server