On 10/04/2011 03:44 PM, Bill Burke wrote:
Then, your web.xml could look like this:
<login-config>
<auth-method>JBOSS</auth-method>
<realm-name>jmx-console</realm-name>
</login-config>
And you don't have to do any real configuration from an application
perspective if there are already built in security domains that support
what you want to do.
I have a similar issue to some of your concerns to solve for JBoss
Remoting and inserting the 'Authenticator' during deployment has been
suggested - if we pick out the <realm-name> specified here an
authenticator based on the capabilities of the realm can be inserted
although you may still want app specific config when deciding between
say BASIC and FORM auth.