1 Reply Latest reply on Oct 19, 2004 9:24 PM by Scott Stark

    How to provide default authentication to all web application

    Lei Shen Newbie

      Hi:

      I want to provide a default authentications to all the web applications deployed under jboss tomcat. I can not find an easy solution.

      Right now, if I securied the \server\default\deploy\jbossweb-tomcat50.sar. Then it will prompts me login if I want to access
      http://localhost:8080/

      However, it will NOT prompt me for http://localhost:8080/jmx-console.

      So, it appears that the root application does not pass the login
      requirement to another application. Even though I specified
      the url pattern as /* in the configuration for root directory.

      Right now, the only way I can think of is to actually secure all
      the individual applications. That does not sound right.

      Any suggestions? Thanks in advance,
      lei

        • 1. Re: How to provide default authentication to all web applica
          Scott Stark Master

          jboss-3.2.6 has a new DefaultSecurityDomain in the jbossweb-tomcat50.sar/META-INF/jboss-service.xml that allows you to set a global default security-domain value. Previously you had to add a jboss-web.xml with the desired security-domain to every web app to be secured.

           <!-- The JAAS security domain to use in the absense of an explicit
           security-domain specification in the war WEB-INF/jboss-web.xml
           -->
           <attribute name="DefaultSecurityDomain">java:/jaas/other</attribute>