[jboss-user] [Security & JAAS/JBoss] - JBoss won't load login-config from webapp

Tue Jul 15 07:40:00 EDT 2008

Hi,

I got 3 projects bundled together and deployed in a single EAR. In the web-project I have a web.xml with the following content

anonymous wrote : <security-constraint>
  | 		<web-resource-collection>
  | 			<web-resource-name>Faces Servlet</web-resource-name>
  | 			
  | 				The security configuration that only allows users with
  | 				the role SSL Explorer Gateway to access the Radis
  | 				console web application
  | 			
  | 			<url-pattern>/*</url-pattern>
  | 			<http-method>GET</http-method>
  | 			<http-method>POST</http-method>
  | 		</web-resource-collection>
  |  		<auth-constraint>
  | 			<role-name>1</role-name>
  | 			<role-name>5</role-name>
  | 			<role-name>9</role-name>
  | 		</auth-constraint>
  | 	
  | 	</security-constraint>
  | 
  | 	<login-config>
  | 		<auth-method>BASIC</auth-method>
  | 		<realm-name>Radis-Console</realm-name>
  | 	</login-config>
  |  
  | 	<security-role>
  | 		Rolle normaler Benutzer
  | 		<role-name>1</role-name>
  | 	</security-role>
  | 	
  | 	<security-role>
  | 		Rolle Stammdaten
  | 		<role-name>5</role-name>
  | 	</security-role>
  | 	
  | 	<security-role>
  | 		Rolle Super User
  | 		<role-name>9</role-name>
  | 	</security-role>

I have the jboss-web.xml in the same folder

anonymous wrote : <jboss-web>
  | 	<security-domain>java:/jaas/MyTestApp</security-domain>
  | </jboss-web>

and the login-config is in the EAR project so it is deployed under /META-INF/ in the ear root directory.

anonymous wrote : 
  | 
  | 	<application-policy name="MyTestApp">
  | 		
  | 		<!-- Active directory configuration -->
  | 		<login-module code="org.jboss.security.auth.spi.LdapExtLoginModule"	flag="required">
  | 		<module-option name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option>
  | 		(..)
  | 
  | 
  | 		<module-option name="roleFilter">(member={1})</module-option>
  | 		<module-option name="roleAttributeID">memberOf</module-option>
  | 		<module-option name="roleAttributeIsDN">true</module-option>
  | 		<module-option name="roleNameAttributeID">cn</module-option>
  | 		<module-option name="password-stacking">useFirstPass</module-option>
  | 		</login-module>
  | 		<!-- database configuration -->
  | 		<login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required">
  | 		<module-option name="password-stacking">useFirstPass</module-option>
  | 		
  |                (..)
  | 
  | 		</login-module>
  | 		
  | 	</application-policy>
  | 
  | 

now it doesnt seem to load my login-config at all, it keeps trying to load the property files for the web-console application and when I remove that from the default login-config, apparently it doesnt do anything 

thanks in advance

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4164470#4164470

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4164470