This week's giveaway is in the Android forum.
We're giving away four copies of Android Security Essentials Live Lessons and have Godfrey Nolan on-line!
See this thread for details.
The moose likes JBoss/WildFly and the fly likes Facing problem in imeplementing file based JAAS security mechanism Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Android Security Essentials Live Lessons this week in the Android forum!
JavaRanch » Java Forums » Products » JBoss/WildFly
Bookmark "Facing problem in imeplementing file based JAAS security mechanism" Watch "Facing problem in imeplementing file based JAAS security mechanism" New topic
Author

Facing problem in imeplementing file based JAAS security mechanism

subuhi nigar
Greenhorn

Joined: Aug 28, 2012
Posts: 12
hi ,

I am implementing JAAS file based security mechanism .
Web app name is FlyWeb.
For that below is entry in web.xml

<security-constraint>
<web-resource-collection>
<web-resource-name/>
<url-pattern>/jsp/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<description></description>
<role-name>pilot</role-name>
</auth-constraint>
</security-constraint>
<security-role>
<role-name>pilot</role-name>
</security-role>

<login-config>
<auth-method>FORM</auth-method>
<realm-name>java:/jaas/FlyWeb</realm-name>
<form-login-config>
<form-login-page>/jsp/login.jsp</form-login-page>
<form-error-page>/jsp/error.jsp</form-error-page>
</form-login-config>
</login-config>




entry in WEB-INF/jboss-web.xml


jboss-web.xml

<jboss-web>
<security-domain>java:/jaas/FlyWeb</security-domain>
<context-root>FlyWeb</context-root>
</jboss-web>


i have placed 3 files inside META-INF of EAR in which this FlyWeb.war is kept.

entry in those 3 files as below


jboss-app.aml

<jboss-app>
<module>
<service>jboss-service.xml</service>
</module>
</jboss-app>


jboss-service.xml

<server>
<!-- hooking in a login module for the standalone version of JSF Forums -->
<!-- The custom JAAS login configuration that installs
a Configuration capable of dynamically updating the
config settings
-->
<mbean code="org.jboss.security.auth.login.DynamicLoginConfig"
name="jboss.security.tests:service=LoginConfig">
<attribute name="AuthConfig">META-INF/security-config.xml</attribute>
<depends optional-attribute-name="LoginConfigService">
jboss.security:service=XMLLoginConfig
</depends>
<depends optional-attribute-name="SecurityManagerService">
jboss.security:service=JaasSecurityManager
</depends>
</mbean>
</server>


security-config.xml

<policy>
<application-policy name="FlyWeb">
<authentication>

<login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="required">
<module-option name="usersProperties">props/FlyWeb-users.properties</module-option>
<module-option name="rolesProperties">props/FlyWeb-roles.properties</module-option>
</login-module>
</authentication>
</application-policy>
</policy>


also i have placed 2 properties file /FlyWeb-users.properties and/FlyWeb-roles.properties in /usr/local/jboss/server/default/deploy/conf/propsfolder.

jboss_home is usr/local/jboss


but every time when i m entering user name & passwd it is going to error.jsp .

can anybody please help me in rectifying the problem . Is anything that i m missing ?

Thanks
in advance
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Facing problem in imeplementing file based JAAS security mechanism
 
Similar Threads
Failed to load users/passwords/role files
authentication problem
Enable Security for JBoss + WS
Secure jmx-console in JBoss 4.0.3
unable to add web-console user/password authentication