• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Ron McLeod
  • Paul Clapham
  • Devaka Cooray
  • Liutauras Vilda
Sheriffs:
  • Jeanne Boyarsky
  • paul wheaton
  • Henry Wong
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Tim Moores
  • Carey Brown
  • Mikalai Zaikin
Bartenders:
  • Lou Hamers
  • Piet Souris
  • Frits Walraven

How to use CertRolesLoginModule

 
Ranch Hand
Posts: 114
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Anyone have an example of how to use the predefined CertRolesLoginModule? I.E. I know how to define it in the login-config file but I am not really sure how to use it in code. I.E. what do I need to setup before I call my ejb method that is annotated with the @RolesAllowed and @SecurityDomain annotation.

Seems like I can find a ton of info out there about what to put in the config xml files but then what do you when you need to call the code?

Thanks,
Billy
 
author
Posts: 5856
7
Android Eclipse IDE Ubuntu
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I will assume that you are getting to your EJBs via a servlet (you never said), or some servlet-based technology such as JSF. You need to secure the web pages to your app. The user will then be forced to sign in before accessing those pages. The resulting security credential is then kept by the thread and is used by the @RolesAllowed and similar annotations.
 
Bobby Anderson
Ranch Hand
Posts: 114
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thanks Peter. I wasn't really doing anything with my web services/ servlets as far as security it was all in my EJBs. So I was really looking for this if anyone else cares.


 
Bobby Anderson
Ranch Hand
Posts: 114
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I did have one more question related to this login module. You need to specify the roles.properties somewhere. Jboss documentation says to put it in the conf directory which works just fine. But it also says you can put it in the "J2EE deployment jar". I am not really sure what that means.

My app servers are clustered so instead of putting this info in the conf directory of every server it would be nice to be able to deploy it with my .ear. Is this what they mean by the J2EE deployment jar? Probably not, but that means there is some other place I can put this file. Does anyone know where.

Also I know that you can re-name the file, but that is not really what I am looking for.

Thanks again,
Billy
 
Sheriff
Posts: 10445
227
IntelliJ IDE Ubuntu
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

My app servers are clustered so instead of putting this info in the conf directory of every server it would be nice to be able to deploy it with my .ear. Is this what they mean by the J2EE deployment jar?



Yes, that's what that line means. You can package those properties file in the root of the EAR or your jar.
 
No thanks. We have all the government we need. This tiny ad would like you to leave now:
We need your help - Coderanch server fundraiser
https://coderanch.com/wiki/782867/Coderanch-server-fundraiser
reply
    Bookmark Topic Watch Topic
  • New Topic