• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Facing problem in imeplementing file based JAAS security mechanism

 
subuhi nigar
Greenhorn
Posts: 27
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
hi ,

I am implementing JAAS file based security mechanism .
Web app name is FlyWeb.
For that below is entry in web.xml

<security-constraint>
<web-resource-collection>
<web-resource-name/>
<url-pattern>/jsp/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<description></description>
<role-name>pilot</role-name>
</auth-constraint>
</security-constraint>
<security-role>
<role-name>pilot</role-name>
</security-role>

<login-config>
<auth-method>FORM</auth-method>
<realm-name>java:/jaas/FlyWeb</realm-name>
<form-login-config>
<form-login-page>/jsp/login.jsp</form-login-page>
<form-error-page>/jsp/error.jsp</form-error-page>
</form-login-config>
</login-config>




entry in WEB-INF/jboss-web.xml


jboss-web.xml

<jboss-web>
<security-domain>java:/jaas/FlyWeb</security-domain>
<context-root>FlyWeb</context-root>
</jboss-web>


i have placed 3 files inside META-INF of EAR in which this FlyWeb.war is kept.

entry in those 3 files as below


jboss-app.aml

<jboss-app>
<module>
<service>jboss-service.xml</service>
</module>
</jboss-app>


jboss-service.xml

<server>
<!-- hooking in a login module for the standalone version of JSF Forums -->
<!-- The custom JAAS login configuration that installs
a Configuration capable of dynamically updating the
config settings
-->
<mbean code="org.jboss.security.auth.login.DynamicLoginConfig"
name="jboss.security.tests:service=LoginConfig">
<attribute name="AuthConfig">META-INF/security-config.xml</attribute>
<depends optional-attribute-name="LoginConfigService">
jboss.security:service=XMLLoginConfig
</depends>
<depends optional-attribute-name="SecurityManagerService">
jboss.security:service=JaasSecurityManager
</depends>
</mbean>
</server>


security-config.xml

<policy>
<application-policy name="FlyWeb">
<authentication>

<login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="required">
<module-option name="usersProperties">props/FlyWeb-users.properties</module-option>
<module-option name="rolesProperties">props/FlyWeb-roles.properties</module-option>
</login-module>
</authentication>
</application-policy>
</policy>


also i have placed 2 properties file /FlyWeb-users.properties and/FlyWeb-roles.properties in /usr/local/jboss/server/default/deploy/conf/propsfolder.

jboss_home is usr/local/jboss


but every time when i m entering user name & passwd it is going to error.jsp .

can anybody please help me in rectifying the problem . Is anything that i m missing ?

Thanks
in advance
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic