DIGESTAuth

Version 4

    DIGEST Authentication (4.0.4+)

     

    web.xml

    <?xml version="1.0"?>
    <!DOCTYPE web-app PUBLIC
       "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
       "http://java.sun.com/dtd/web-app_2_3.dtd">
    
    <web-app>
       <description>The standard web descriptor for the jmx-console</description>
    
       <!-- A security constraint that restricts access to the HTML JMX console
       to users with the role JBossAdmin. Edit the roles to what you want and
       uncomment the WEB-INF/jboss-web.xml/security-domain element to enable
       secured access to the HTML JMX console.
       -->
       <security-constraint>
         <web-resource-collection>
           <web-resource-name>HtmlAdaptor</web-resource-name>
           <description>An example security config that only allows users with the
             role JBossAdmin to access the HTML JMX console web application
           </description>
           <url-pattern>/*</url-pattern>
         </web-resource-collection>
         <auth-constraint>
           <role-name>JBossAdmin</role-name>
         </auth-constraint>
       </security-constraint>
    
       <login-config>
          <auth-method>DIGEST</auth-method>
          <realm-name>JBoss JMX Console</realm-name>
       </login-config>
    
       <security-role>
          <role-name>JBossAdmin</role-name>
       </security-role>
    </web-app>
    

     

    login-config.xml

        <application-policy name = "jmx-console">
           <authentication>
              <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
                 flag = "required">
               <module-option name="usersProperties">props/jmx-console-users.properties</module-option>
               <module-option name="rolesProperties">props/jmx-console-roles.properties</module-option>
               <module-option name="hashAlgorithm">MD5</module-option>
               <module-option name="hashEncoding">rfc2617</module-option>
               <module-option name="hashUserPassword">false</module-option>
               <module-option name="hashStorePassword">true</module-option>
               <module-option name="passwordIsA1Hash">true</module-option>
               <module-option name="storeDigestCallback">org.jboss.security.auth.spi.RFC2617Digest</module-option>
              </login-module>
           </authentication>
        </application-policy>
    

     

    jmx-console-users.properties

    # A sample users.properties file for use with the UsersRolesLoginModule
    admin=admin
    #[starksm@banshee9100 security]$ java -cp $JBOSS_HOME/server/default/lib/jbosssx.jar org.jboss.security.auth.spi.RFC2617Digest admin2 "JBoss JMX Console" admin2
    # with JBoss AS 6.x: java -cp $JBOSS_HOME/common/lib/jbosssx-server.jar org.jboss.security.auth.spi.RFC2617Digest admin2 "JBoss JMX Console" admin2
    admin2=a28c9ab431e878852135eac336fb0968