*
The moose likes Security and the fly likes webspehere security setting Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Murach's Java Servlets and JSP this week in the Servlets forum!
JavaRanch » Java Forums » Engineering » Security
Bookmark "webspehere security setting" Watch "webspehere security setting" New topic
Author

webspehere security setting

JigaR Parekh
Ranch Hand

Joined: May 23, 2005
Posts: 112
Hi i am currently using jboss 3.2.3 and i have setup security by DatabaseServerLoginModule which will search in db for principal,password and role. I have done this setup by following configuration in login-config.xml of jboss.

<application-policy name = "vmc-security">
<authentication>
<login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required">
<module-option name = "unauthenticatedIdentity">guest</module-option>
<module-option name="dsJndiName">java:/ssc</module-option>
<module-option name = "principalsQuery">select Password from Principals where PrincipalID=?</module-option>
<module-option name = "rolesQuery">select Role, RoleGroup from Roles where PrincipalID=?</module-option>
<module-option name = "managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=ssc</module-option>
</login-module>
</authentication>
</application-policy>

i have also made every servlet secure from web.xml

Now i want to migrate to websphere 5.1 so how can i achive with websphere???
Paul Sturrock
Bartender

Joined: Apr 14, 2004
Posts: 10336

The only way someone could answer that is by repeating what is in the Info Center documentation for WAS 5.1. WebSphere is quite a complex and involved application, so there is no quick way to do what you ask. Your best route is to read through the security sections in the docs.
[ May 23, 2005: Message edited by: Paul Sturrock ]

JavaRanch FAQ HowToAskQuestionsOnJavaRanch
jack poul
Greenhorn

Joined: May 24, 2005
Posts: 1
In websphere folder there should be a file called security.xml

In this file there is certain configuration available

<applicationLoginConfig xmi:id="JAASConfiguration_1">
<entries xmi:id="JAASConfigurationEntry_4" alias="XXXXLogin">
<loginModules xmi:id="JAASLoginModule_1" moduleClassName="com.ibm.ws.security.common.auth.module.proxy.WSLoginModuleProxy" authenticationStrategy="REQUIRED">
<options xmi:id="Property_4" name="delegate" value="xxx.yyy.SomeDbUserPasswordLoginModule"/>
<options xmi:id="Property_5" name="loginValidatorClass" value="xxxx.yyyy.AuthenticationValidatorClass"/>
<options xmi:id="Property_6" name="debug" value="true"/>
</loginModules>
</entries>
</applicationLoginConfig>

This is associated with the application.
JigaR Parekh
Ranch Hand

Joined: May 23, 2005
Posts: 112
thx for reply,

you mean to say that i have to implement two classes
1)SomeDbUserPasswordLoginModule
2)AuthenticationValidatorClass

Where i can get information how to implement these classes ?
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: webspehere security setting
 
Similar Threads
[jboss jaas] login-conf.xml configuration
req.isUserInRole("admin"); return false??
[DatabaseServerLoginModule] module-option query
[DatabaseServerLoginModule] module-option query
JBoss Authentication