1 Reply Latest reply on Oct 26, 2006 1:51 PM by Mario Van Vlasselaer

    Container based authentication, user name based authorizatio

    Marko Niinimaki Newbie


      somehow I did not find examples of this in the forums or documentation.

      I've set up a box where the users are required to authenticate using LDAP.
      Practically, in in jboss/server/default/login-config.xml there is a policy like
      <application-policy name = "LDAP">

      <login-module code="org.jboss.security.auth.spi.LdapLoginModule"

      and in the application's jboss-web.xml

      and in the application's web.xml
      <auth-constraint><role-name>*</role-name> </auth-constraint>


      It works: the users that can authenticate themselves with LDAP have an access to the application. However, of these I'd like only _some_ to be able to access the application and role names are not too usable in our organisation.

      Is there a way to define a list of accepted user names in auth-constraint or something of the same effect?