I'm a java developer, and I'm used to developing web applications.
Recently I've took a closer look at JAAS, and since some time ago when I last looked into it, I still have many questions around it.
This is one subject that, no matter how many tutorials I read, there is something about it that does not compute in my head.
You know that feeling that there is just some -click- that must happen before everything clears up in the brain? I think I need something like that.
The thing is: JAAS is around for quite some time. The way I see it, when I configure the roles and authentication mechanisms in a Web Application Server, I'm using JAAS behind, even without knowing how it glues stuff together.
I can define the authentication type in application server, then I define the roles in my web application, and then on deployment, I can map them together, or I can have a specific deployment file for a specific application server that helps automating the task.
I normally define a Form Based Login, then create a custom form with j_security_check ...
But then again, the JAAS defines some config files like:
Does the application server does it behind?
Recently I've came across a software that I can install on an application server, Bonita Open Solution
. Somewhere in the installation manual, I find something like:
- Copy the bonita.ear file into your JEE server deployment directory (e.g., jboss/server/default/deploy)
- Add BonitaAuth and BonitaStore login modules to the JAAS configuration for your JEE server:
o org.ow2.bonita.identity.auth.BonitaRemoteLoginModule (must be stacked with your JEE JAAS propagation login module)
o edit jboss/server/default/conf/login-config.xml to add:
<login-module code="org.ow2.bonita.identity.auth.BonitaIdentityLoginModule" flag="required"/>
<login-module code="org.ow2.bonita.identity.auth.BonitaRemoteLoginModule" flag="required"/>
<login-module code="org.jboss.security.ClientLoginModule" flag="required">
- Start the server.
What confusion is this?
Shouldn't this be simpler?
Can anyone throw me a light on this stuff? Because being a java developer, I'm starting to feel really bad for not knowing what starts feel like a basic subject ...