• Post Reply Bookmark Topic Watch Topic
  • New Topic

J2EE Security and JAAS  RSS feed

 
Viswadas Leher
Greenhorn
Posts: 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I am new to JAAS. I would like to find out how to specify with in an Archive file (.war) to use the JAAS authentication.
The scenario is : I have a web application. I would like to use JAAS to provide security to this application. Also i would like to use the HTTP Basic Authentication (browser login windows) for user interaction.
1) How do I specify the webapplication to use JAAS ? my web.xml currently looks like this:
<security-constraint>
<web-resource-collection>
<web-resource-name>Example1</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<description>Demo Security Constraint</description>
<role-name>DemoAdminGroup</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>PublicRealm</realm-name>
</login-config>
<security-role>
<role-name>DemoAdminGroup</role-name>
</security-role>

2) How do I make the Basic authentication work with JAAS CallBackHandlers?
thnaks in advance,
- Leher
 
It is sorta covered in the JavaRanch Style Guide.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!