3 Replies Latest reply on Jun 28, 2007 2:56 PM by Manjunath Bhat

    Setting  BASIC authentication for web console

    Manjunath Bhat Newbie

      Hi All,

      I am trying to set up BASIC authentication for my web console as per the http://docs.jboss.com/jbossas/guides/j2eeguide/r2/en/html_single/#d0e2129 and DatabaseServerLoginModule. I want to integrate with existing sybase db's user/privilage table. The war file is bundled into ear file.

      when i browse http://localhost:8080/p5admin, the authentication dialogue box does not pop-up for the given url pattern. What could be missing?? Here are my configuration files


      WEB.XML
      ------

      <security-constraint>
       <display-name>Server Configuration Security Constraint</display-name>
       <web-resource-collection>
       <web-resource-name>Secure Resources</web-resource-name>
       <description>Security constraint for all resources</description>
       <url-pattern>/p5admin/*</url-pattern>
       <http-method>POST</http-method>
       <http-method>GET</http-method>
       </web-resource-collection>
       <auth-constraint>
       <description>Only allow those users that are in the following role</description>
       <role-name>SERVER_ADMIN</role-name>
       </auth-constraint>
      
       </security-constraint>
       <login-config>
       <auth-method>BASIC</auth-method>
       </login-config>
      
       <security-role>
       <description> SERVER_ADMIN role </description>
       <role-name>SERVER_ADMIN</role-name>
       </security-role>
      </web-app>


      jboss-web.xml
      -------------


      <web-app>
      
       <security-domain>java:/jaas/p5admin</security-domain>
      </web-app>


      login-config.xml
      ----------------

      <application-policy name = "p5admin">
       <authentication>
       <login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule"
       flag = "required">
       <module-option name = "dsJndiName">pstDS_01</module-option>
       <module-option name = "principalsQuery">SELECT userPassword FROM PST_User WHERE userID=?</module-option>
       <module-option name = "rolesQuery">SELECT privilegeID, 'Roles' FROM PST_AEPrivilege WHERE userID=?</module-option>
       </login-module>
       </authentication>
       </application-policy>
      </policy>



      TIA

      bhat