[jboss-user] [Security & JAAS/JBoss] - Jboss is not calling my custom login module
mqaiserm
do-not-reply at jboss.com
Wed Oct 17 18:28:58 EDT 2007
Hi,
I am trying to write my own Login Module to execute some customization. I am extending class IdentityLoginModule and writing my own code to authenticate and authorize against LDAP. I don't want to use LDAPLoginModule because of some customization. So I wrote my own login module and compiled and now I am trying to use this in a web application but this module is not being executed. Any idea what is wrong?
I added my Realm setting in server/default/conf/login-config.xml:
<application-policy name = "QaiserRealm">
<login-module code = "com.ercot.jaas.plugin.ErcotLoginModule"
flag = "required">
</login-module>
</application-policy>
My jboss-web.xml is :
<?xml version='1.0' encoding='UTF-8' ?>
<!DOCTYPE jboss-web
PUBLIC "-//JBoss//DTD Web Application 2.3V2//EN"
"http://www.jboss.org/j2ee/dtd/jboss-web_3_2.dtd">
<jboss-web>
<security-domain>java:/jaas/QaiserRealm</security-domain>
<class-loading java2ClassLoadingCompliance="false">
<loader-repository>
log4j.test:loader=eTest.war
<loader-repository-config>java2ParentDelegation=false</loader-repository-config>
</loader-repository>
</class-loading>
</jboss-web>
And my web.xml is :
<?xml version="1.0"?>
<!DOCTYPE web-app PUBLIC
"-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
"http://java.sun.com/dtd/web-app_2_3.dtd">
<web-app>
eTest
<security-constraint>
<web-resource-collection>
<web-resource-name>ercotTest</web-resource-name>
An example security config that only allows users with the
role JBossAdmin to access the HTML JMX console web application
<url-pattern>/protected/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>TestRole</role-name>
</auth-constraint>
</security-constraint>
<security-role>
<role-name>TestRole</role-name>
</security-role>
</web-app>
This TestRole is comming from LDAP and I am setting this in LoginModule. Problem is my custom login class is not even being called. Any idea?
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4096306#4096306
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4096306
More information about the jboss-user
mailing list