1 Reply Latest reply on Sep 29, 2005 1:05 PM by Aaron

    Authentication : URGENT

    shankar narayan Newbie

      This is very URGENT!!
      Where do I specify the Users and roles in Jboss??
      In Tomcat, it is done in TomcatUsers.xml and the same is mapped in web.xml, but TomcatUsers.xml is not to be found in JBoss.

      Please help.

        • 1. Re: Authentication : URGENT
          Aaron Novice


          Authentication is done with LoginModules in JBoss. If you just want to specify users in a flatfile, you can use this as a guide:


          The UsersRolesLoginModule allows you to specify users, passwords, and their roles, and tie it into an application authentication mechanism.

          I believe those files are stored at:


          you authentication configurations happen in multiple files:

          $JBOSS_HOME/server/[serverconfig]/conf/login-config.xml --> This specifies your loginModule configurations, and which application uses which modules
          $WEBAPP_HOME/WEB-INF/web.xml --> As normal, this specifies your roles and which servlets are protected
          $WEBAPP_HOME/WEB-INF/jboss-web.xml --> This links your web application to the application-policy stated in the login-config.xml