We are using LDAP server for authentication and authorization.
We configured JBoss to use LDAP server(using our own login module).
Does anybody know, how to configure either the Web Application or the server to use only Authentication but not Authorization.
In our web application, we want to allow access to any authenticated user, no matter which roles the user belong.
Is there any way, we can configure in web.xml to allow access to url's for any authenticated user.
I tried using this authconstaint
But the above configuration allows access to non-authenticated users aswell, which is not intended.
Any help is appreciated.
Use of the role-name=* works fine for me to only allow authenticated users. More debugging is needed.