• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

webspehere security setting

 
JigaR Parekh
Ranch Hand
Posts: 112
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi i am currently using jboss 3.2.3 and i have setup security by DatabaseServerLoginModule which will search in db for principal,password and role. I have done this setup by following configuration in login-config.xml of jboss.

<application-policy name = "vmc-security">
<authentication>
<login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required">
<module-option name = "unauthenticatedIdentity">guest</module-option>
<module-option name="dsJndiName">java:/ssc</module-option>
<module-option name = "principalsQuery">select Password from Principals where PrincipalID=?</module-option>
<module-option name = "rolesQuery">select Role, RoleGroup from Roles where PrincipalID=?</module-option>
<module-option name = "managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=ssc</module-option>
</login-module>
</authentication>
</application-policy>

i have also made every servlet secure from web.xml

Now i want to migrate to websphere 5.1 so how can i achive with websphere???
 
Paul Sturrock
Bartender
Posts: 10336
Eclipse IDE Hibernate Java
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The only way someone could answer that is by repeating what is in the Info Center documentation for WAS 5.1. WebSphere is quite a complex and involved application, so there is no quick way to do what you ask. Your best route is to read through the security sections in the docs.
[ May 23, 2005: Message edited by: Paul Sturrock ]
 
jack poul
Greenhorn
Posts: 1
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
In websphere folder there should be a file called security.xml

In this file there is certain configuration available

<applicationLoginConfig xmi:id="JAASConfiguration_1">
<entries xmi:id="JAASConfigurationEntry_4" alias="XXXXLogin">
<loginModules xmi:id="JAASLoginModule_1" moduleClassName="com.ibm.ws.security.common.auth.module.proxy.WSLoginModuleProxy" authenticationStrategy="REQUIRED">
<options xmi:id="Property_4" name="delegate" value="xxx.yyy.SomeDbUserPasswordLoginModule"/>
<options xmi:id="Property_5" name="loginValidatorClass" value="xxxx.yyyy.AuthenticationValidatorClass"/>
<options xmi:id="Property_6" name="debug" value="true"/>
</loginModules>
</entries>
</applicationLoginConfig>

This is associated with the application.
 
JigaR Parekh
Ranch Hand
Posts: 112
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
thx for reply,

you mean to say that i have to implement two classes
1)SomeDbUserPasswordLoginModule
2)AuthenticationValidatorClass

Where i can get information how to implement these classes ?
 
I agree. Here's the link: http://aspose.com/file-tools
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic