• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Some JAAS questions

 
Ranch Hand
Posts: 81
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi there,
I'm trying to get an applet running using JBoss3.2.3 as AS. I would like to have JAAS handle the security issues..
So I took a look at
https://coderanch.com/t/88165/JBoss/JAAS-JBOSS-Tutorial
and many other documents (sigh) but I couldn't find the answer on some of my questions:
* I know how to secure a webpage, a client will ask a secured page and tomcat will redirect you to a login page, but how does this work in an application? Will the AS ask me to login if I try to connect to a secured bean, or does the app have to login first, and then access the beans?
* If the app has to login first, I read in the how-to to use some code like this:
ctx = new LoginContext("secDomain", (CallbackHandler)handler);
ctx.login();
with secDomain the same name as the one defined in the jboss.xml on the AS. But how is the app supposed to know where to find the server? Shouldn't I include some kind of properties file telling the app on what Ip ort the server is running?
* If I add the lines below to my login-config.xml I get an error on starting JBoss:
<application-policy name="lmsintl">
<authentication>
<login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required">
<module-option name="dsJndiName">java:/appsettings</module-option>
<module-option name="principalsQuery">Select password from User where username = ?</module-option>
<module-option name="rolesQuery">Select role as Role from Roles where username = ?</module-option>
</login-module>
</authentication
</application-policy>
The error is:
10:26:18,020 WARN [XMLLoginConfigImpl] Failed to load config: file:/D:/jboss-3.
2.3/server/lms/conf/login-config.xml
org.jboss.security.auth.login.ParseException: Encountered "<?xml" at line 1, column 1.
Was expecting one of:
<EOF>
<IDENTIFIER> ...
My head is hurting from bamging it against my keyboard.. I'm a great fan of OS but some more documentation wouldn't hurt..
Thanks in advance!
Sebastiaan
[ March 12, 2004: Message edited by: Sebastiaan Kortleven ]
 
Ranch Hand
Posts: 567
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
The ParseException is complaining about your login-config.xml.
My login-config.xml starts off with the line:
<?xml version='1.0'?>
which causes no problems and seems logical. It seems like the parser is giving the wrong error message. Have another look at the file and see if there are any other XML errors.
 
Sebastiaan Kortleven
Ranch Hand
Posts: 81
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I validated the xml file and it came out correct, so it wasn't a syntax error.
I moved the lines I added to the top of the file and now it works just fine..
tnx!
 
reply
    Bookmark Topic Watch Topic
  • New Topic