1 Reply Latest reply on May 29, 2006 6:06 AM by Dennis Wenger

    what ist what: jaas, jbossSX, httpAuth

    Dennis Wenger Newbie

      Hi All,

      I've a big problem. I developed a JBoss / Seam / JSF / EJB3 App for my mastethesis. everything works fine, but now i've write about and to describe how it works.
      the security parts are my problem, i don't exactly know, what are the basic technologies (jaas, jbossSX, httpAuth, ...) for the different parts.

      I use FormAuth on the web layer, and fetch the userprincipal on ejb layer from ejb-context. everything that follows is in my own datamodel, which i know to describe ;)

      Any hints wellcome!
      Thanks fr help


      my login service conf:

      <server>
       <mbean code="org.jboss.security.auth.login.DynamicLoginConfig"
       name="termtimer:service=DynamicLoginConfig">
       <attribute name="AuthConfig">META-INF/termtimerSecurity-config.xml</attribute>
       <!-- The service which supports dynamic processing of login-config.xml
       configurations.
       -->
       <depends optional-attribute-name="LoginConfigService">
       jboss.security:service=XMLLoginConfig
       </depends>
       <!-- Optionally specify the security mgr service to use when
       this service is stopped to flush the auth caches of the domains
       registered by this service.
       -->
       <depends optional-attribute-name="SecurityManagerService">
       jboss.security:service=JaasSecurityManager
       </depends>
       </mbean>
      </server>


      and
      my login config:
      <policy>
       <application-policy name="termtimerSecurity">
       <authentication>
       <login-module
       code="org.jboss.security.auth.spi.DatabaseServerLoginModule"
       flag="required">
       <!-- login-module
       code="org.termtimer.model.TTDatabaseServerLoginModule"
       flag="required" -->
       <module-option name="unauthenticatedIdentity">
       guest
       </module-option>
       <module-option name="dsJndiName">
       java:/TermTimerDatabaseDS
       </module-option>
       <module-option name="principalsQuery">
       select password from user where username=?
       </module-option>
       <module-option name="rolesQuery">
       select userrole.rolename as userRoles,"Roles" from userrole, user_userrole, user where
       userrole.id=user_userrole.roles_id
       and
       user_userrole.user_id=user.id
       and
       user.username=?
       </module-option>
       </login-module>
       <login-module code="org.jboss.security.ClientLoginModule"
       flag="required">
       <module-option name="unauthenticatedIdentity">
       guest
       </module-option>
       </login-module>
       </authentication>
       </application-policy>
      </policy>