hi ,
I am implementing JAAS file based security mechanism .
Web app name is FlyWeb.
For that below is entry in web.xml
<security-constraint>
<web-resource-collection>
<web-resource-name/>
<url-pattern>/jsp/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<description></description>
<role-name>pilot</role-name>
</auth-constraint>
</security-constraint>
<security-role>
<role-name>pilot</role-name>
</security-role>
<login-config>
<auth-method>FORM</auth-method>
<realm-name>java:/jaas/FlyWeb</realm-name>
<form-login-config>
<form-login-page>/jsp/login.jsp</form-login-page>
<form-error-page>/jsp/error.jsp</form-error-page>
</form-login-config>
</login-config>
entry in WEB-INF/jboss-web.xml
jboss-web.xml
<jboss-web>
<security-domain>java:/jaas/FlyWeb</security-domain>
<context-root>FlyWeb</context-root>
</jboss-web>
i have placed 3 files inside META-INF of EAR in which this FlyWeb.war is kept.
entry in those 3 files as below
jboss-app.aml
<jboss-app>
<module>
<service>jboss-service.xml</service>
</module>
</jboss-app>
jboss-service.xml
<server>
<!-- hooking in a login module for the standalone version of JSF Forums -->
<!-- The custom JAAS login configuration that installs
a Configuration capable of dynamically updating the
config settings
-->
<mbean code="org.jboss.security.auth.login.DynamicLoginConfig"
name="jboss.security.tests:service=LoginConfig">
<attribute name="AuthConfig">META-INF/security-config.xml</attribute>
<depends optional-attribute-name="LoginConfigService">
jboss.security:service=XMLLoginConfig
</depends>
<depends optional-attribute-name="SecurityManagerService">
jboss.security:service=JaasSecurityManager
</depends>
</mbean>
</server>
security-config.xml
<policy>
<application-policy name="FlyWeb">
<authentication>
<login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="required">
<module-option name="usersProperties">props/FlyWeb-users.properties</module-option>
<module-option name="rolesProperties">props/FlyWeb-roles.properties</module-option>
</login-module>
</authentication>
</application-policy>
</policy>
also i have placed 2 properties file /FlyWeb-users.properties and/FlyWeb-roles.properties in /usr/local/jboss/server/default/deploy/conf/propsfolder.
jboss_home is usr/local/jboss
but every time when i m entering user name & passwd it is going to error.jsp .
can anybody please help me in rectifying the problem . Is anything that i m missing ?
Thanks
in advance