1 Reply Latest reply on Feb 8, 2007 6:40 AM by martique

    using digest authentication

    martique

      Hi, I'm learning JBoss and I'm trying to use digest authentication for my web application. I did this:

      1) application.war/WEB-INF/web.xml:

      <security-constraint>
      <display-name>Default JSP Security Constraints</display-name>
      <web-resource-collection>
      <web-resource-name>Portlet Directory</web-resource-name>
      <url-pattern>/jsp/*</url-pattern>
      <http-method>GET</http-method>
      <http-method>POST</http-method>
      </web-resource-collection>
      <auth-constraint>
      <role-name>admin</role-name>
      </auth-constraint>
      <user-data-constraint>
      <transport-guarantee>NONE</transport-guarantee>
      </user-data-constraint>
      </security-constraint>

      <login-config>
      <auth-method>DIGEST</auth-method>
      <realm-name>MyApplication</realm-name>
      </login-config>

      <security-role>
      <role-name>admin</role-name>
      </security-role>


      2) application.war/WEB-INF/jboss-web.xml:

      <security-domain>java:/jaas/pentaho</security-domain>

      <security-role>
      <role-name>admin</role-name>
      <principal-name>martagroup</principal-name>
      <principal-name>marta</principal-name>
      </security-role>

      3) server/default/conf/login-config.xml

      <application-policy name="application">

      <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
      flag="required">
      <module-option name="usersProperties">props/digest-users.properties</module-option>
      <module-option name="rolesProperties">props/digest-roles.properties</module-option>
      <module-option name="hashAlgorithm">MD5</module-option>
      <module-option name="hashEncoding">rfc2617</module-option>
      <module-option name="hashUserPassword">false</module-option>
      <module-option name="hashStorePassword">true</module-option>
      <module-option name="passwordIsA1Hash">true</module-option>
      <module-option name="storeDigestCallback">
      org.jboss.security.auth.spi.RFC2617Digest
      </module-option>
      </login-module>

      </application-policy>


      4) conf/props/digest-roles.properties
      marta=admin

      5) conf/props/digest-users.properties
      marta=231484604fc44289526e4420998828a7

      The digested string was created as:
      java -cp jbosssx.jar org.jboss.security.auth.spi.RFC2617Digest marta "My Application" marta


      It doesn't work at all; my application loads without any authentication. What did I do wrong?