File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes Security and the fly likes webspehere security setting Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Engineering » Security
Bookmark "webspehere security setting" Watch "webspehere security setting" New topic

webspehere security setting

JigaR Parekh
Ranch Hand

Joined: May 23, 2005
Posts: 112
Hi i am currently using jboss 3.2.3 and i have setup security by DatabaseServerLoginModule which will search in db for principal,password and role. I have done this setup by following configuration in login-config.xml of jboss.

<application-policy name = "vmc-security">
<login-module code = "" flag="required">
<module-option name = "unauthenticatedIdentity">guest</module-option>
<module-option name="dsJndiName">java:/ssc</module-option>
<module-option name = "principalsQuery">select Password from Principals where PrincipalID=?</module-option>
<module-option name = "rolesQuery">select Role, RoleGroup from Roles where PrincipalID=?</module-option>
<module-option name = "managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=ssc</module-option>

i have also made every servlet secure from web.xml

Now i want to migrate to websphere 5.1 so how can i achive with websphere???
Paul Sturrock

Joined: Apr 14, 2004
Posts: 10336

The only way someone could answer that is by repeating what is in the Info Center documentation for WAS 5.1. WebSphere is quite a complex and involved application, so there is no quick way to do what you ask. Your best route is to read through the security sections in the docs.
[ May 23, 2005: Message edited by: Paul Sturrock ]

JavaRanch FAQ HowToAskQuestionsOnJavaRanch
jack poul

Joined: May 24, 2005
Posts: 1
In websphere folder there should be a file called security.xml

In this file there is certain configuration available

<applicationLoginConfig xmi:id="JAASConfiguration_1">
<entries xmi:id="JAASConfigurationEntry_4" alias="XXXXLogin">
<loginModules xmi:id="JAASLoginModule_1" moduleClassName="" authenticationStrategy="REQUIRED">
<options xmi:id="Property_4" name="delegate" value="xxx.yyy.SomeDbUserPasswordLoginModule"/>
<options xmi:id="Property_5" name="loginValidatorClass" value="xxxx.yyyy.AuthenticationValidatorClass"/>
<options xmi:id="Property_6" name="debug" value="true"/>

This is associated with the application.
JigaR Parekh
Ranch Hand

Joined: May 23, 2005
Posts: 112
thx for reply,

you mean to say that i have to implement two classes

Where i can get information how to implement these classes ?
I agree. Here's the link:
subject: webspehere security setting
It's not a secret anymore!