[jboss-user] [Security & JAAS/JBoss] - Jboss is not calling my custom login module

mqaiserm do-not-reply at jboss.com
Wed Oct 17 18:28:58 EDT 2007 

Hi, 

I am trying to write my own Login Module to execute some customization. I am extending class IdentityLoginModule and writing my own code to authenticate and authorize against LDAP. I don't want to use LDAPLoginModule because of some customization. So I wrote my own login module and compiled and now I am trying to use this in a web application but this module is not being executed. Any idea what is wrong?

I added my Realm setting in server/default/conf/login-config.xml:

<application-policy name = "QaiserRealm">
    
      <login-module code = "com.ercot.jaas.plugin.ErcotLoginModule"
                    flag = "required">
      </login-module>
    
  </application-policy>

My jboss-web.xml is :

<?xml version='1.0' encoding='UTF-8' ?>
 
<!DOCTYPE jboss-web
    PUBLIC "-//JBoss//DTD Web Application 2.3V2//EN"
    "http://www.jboss.org/j2ee/dtd/jboss-web_3_2.dtd">

<jboss-web>
   <security-domain>java:/jaas/QaiserRealm</security-domain>
  
  <class-loading java2ClassLoadingCompliance="false">
   <loader-repository>
      log4j.test:loader=eTest.war
      <loader-repository-config>java2ParentDelegation=false</loader-repository-config>
   </loader-repository>
</class-loading>

</jboss-web>

And my web.xml is :

<?xml version="1.0"?>
<!DOCTYPE web-app PUBLIC
   "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
   "http://java.sun.com/dtd/web-app_2_3.dtd">

<web-app>
   eTest
   
   <security-constraint>
   	<web-resource-collection>
   		<web-resource-name>ercotTest</web-resource-name>
   		An example security config that only allows users with the
   			role JBossAdmin to access the HTML JMX console web application
   		
   		<url-pattern>/protected/*</url-pattern>
   		<http-method>GET</http-method>
   		<http-method>POST</http-method>
   	</web-resource-collection>
   	<auth-constraint>
   		<role-name>TestRole</role-name>
   	</auth-constraint>
   </security-constraint>
  <security-role>
      <role-name>TestRole</role-name>
   </security-role>
</web-app>

This TestRole is comming from LDAP and I am setting this in LoginModule. Problem is my custom login class is not even being called. Any idea?


View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4096306#4096306

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4096306

More information about the jboss-user mailing list