I am running 3.04 & 4.1.12 an am wondering?
Did you eventually solve this problem because I am suffering here...
I think it has something to do with auth.conf
However I don't no if I have to add auth.conf to catalina explicitly!
I know how to do it from a client program by adding auth.conf as a -d argument but I cannot find any documentation to help me further along.
In JBoss 2.4.X you need to run the JAAS module org.jboss.security.ClientLoginModule in order to bind the username & password to the JBoss invocation layer. Otherwise the server won't know who is calling it. So yes you would need the auth.conf (or equivalent) in your servlet container's path.
Not sure what the deal in 3.0 is, but probably similar ?
I thought I show catalina's startup change between Jboss 2.X catalina and 3. In 2.x catalina is started from it's startup script. This has changes in 3 which allows catalina to be configured in tomcat41-service.xml.
How to place auth.conf there.....??? No idea ....yet.
There is a shortcut to this process. It is JBoss specific and potentially version specific. You can do what the client login module does without the overhead of the JAAS configuration. Look at the source for the ClientLoginModule. I use this approach on the client-side of EJB calls without any problems. I only set the principal and the credentials and not the subject.
Use at your own risk!!!!
I am going to check the source out to see what is going on there, but I will keep looking for the legal way to make auth.conf known to catalina webapps.
BTW should not there be a dtd with tomcat41-server.xml??
now I was working on an Iplanet application where we on registrering at the site we woould add the user and role to LDAP. Afther that we would get a handle into IPLANET's application and force what the form based auth does on a login. this way the user would not be prompted for the id/pass after they register.
There should be a way into JBOSS wither direstly or through JAAS to pass the Registration information(id/pass) for a later callback when the system need the information.
Has anyone done this? Do you understand my question on forcing the login throough code