[PicketBox Development] - JBoss AS7: Enabling JASPI Authentication for Web Applications
by Stefan Guilhen
Stefan Guilhen [https://community.jboss.org/people/sguilhen] modified the document:
"JBoss AS7: Enabling JASPI Authentication for Web Applications"
To view the document, visit: https://community.jboss.org/docs/DOC-17782
--------------------------------------------------------------
This document describes the steps needed to enable JASPI authentication for Web applications on JBoss AS7.
h2. Application Server Configuration
The first step to enable JASPI is to configure a security domain that installs the JASPI login modules. So, in your standalone.xml (or domain.xml if using domain mode), add the JASPI configuration in the security subsystem:
<!-- security domain configuration for the jaspi web basic test -->
<security-domain name="jaspi-test" cache-type="default">
<authentication-jaspi>
<login-module-stack name="lm-stack">
<login-module code="UsersRoles" flag="required">
<module-option name="usersProperties" value="../standalone/configuration/jaspi-users.properties"/>
<module-option name="rolesProperties" value="../standalone/configuration/jaspi-roles.properties"/>
</login-module>
</login-module-stack>
<auth-module code="org.jboss.as.web.security.jaspi.modules.HTTPBasicServerAuthModule" login-module-stack-ref="lm-stack"/>
</authentication-jaspi>
</security-domain>
In this example we are configuring the *HTTPBasicServerAuthModule*, which will perform the *BASIC* authentication of a Web application. If *FORM* authentication is desired, just change the auth-module to *org.jboss.as.web.security.jaspi.modules.HTTPFormServerAuthModule*. Notice the configuration style is very similar to what is found in previous JBoss AS versions. The configured JASPI module can delegate the authentication and role mapping processes to a login module stack. In this case, we're using a simple UsersRoles module to authenticate and obtain roles for the users.
h3. Web Application Configuration
The next step is to configure the Web application. First, we specify the type of authentication that is to be performed. For example, an application that requires *BASIC* authentication must specify that in the *WEB-INF/web.xml* file:
<?xml version="1.0" encoding="UTF-8"?>
<web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/j2ee/web-app_2_5.xsd">
<security-constraint>
<web-resource-collection>
<web-resource-name>Home</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>architect</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>JASPI</realm-name>
</login-config>
<security-role>
<role-name>architect</role-name>
</security-role>
</web-app>
Finally, we need to link the Web application to the security domain that will perform the authentication and configure the valve that will enable the JASPI authentication. Both things are done in the *WEB-INF/jboss-web.xml* file:
<?xml version="1.0"?>
<jboss-web>
<security-domain>jaspi-test</security-domain>
<valve>
<class-name>org.jboss.as.web.security.jaspi.WebJASPIAuthenticator</class-name>
</valve>
</jboss-web>
The specified *<security-domain>* must match the name of the security domain that has been configured in the application server. It is also important that the *WebJASPIAuthenticatorValve* is configured as this valve replaces the Web container authenticator ir order to perform the JASPI authentication.
*NOTE:* the *WebJASPIAuthenticator* replaces the previous *org.jboss.web.tomcat.security.jaspi.TomcatJASPIAuthenticator* and *MUST* be configured in the *jboss-web.xml* file. JBoss AS7 doesn't allow for the configuration of authenticator valves in the JBossWeb subsystem like previous versions.
--------------------------------------------------------------
Comment by going to Community
[https://community.jboss.org/docs/DOC-17782]
Create a new document in PicketBox Development at Community
[https://community.jboss.org/choose-container!input.jspa?contentType=102&c...]
12 years, 9 months
[JBoss Tools Development] - How to Build JBoss Tools with Maven 3
by Nick Boldt
Nick Boldt [https://community.jboss.org/people/nickboldt] modified the document:
"How to Build JBoss Tools with Maven 3"
To view the document, visit: https://community.jboss.org/docs/DOC-16604
--------------------------------------------------------------
+*This article is a replacement for its precursor, https://community.jboss.org/docs/DOC-15513 How to Build JBoss Tools 3.2 with Maven 3.*+
+*Note that this article only discusses building from trunk. If you need to build from a branch, or switch between branches and/or trunk, see* https://community.jboss.org/docs/DOC-17497 How to Build JBoss Tools With Maven3 - Working With Branches+.
h2. Prerequisites
1. Java 1.6 SDK
2. Maven 3.0.3
3. Ant 1.8.2 or later ***NEW***
4. About 6 GB of free disk space if you want to run all integration tests for (JBoss AS, Seam and Web Services Tools) - *requires VPN access*
5. subversion client 1.6.X (should work with lower version as well, but newer versions may not work as expected)
h2. Environment Setup
h3. Maven and Java
Make sure your maven 3 is available by default and Java 1.6 is used.
mvn -version
should print out something like
*pache Maven 3.0.3* (r1075438; 2011-02-28 12:31:09-0500)
*Java version: 1.6.0_25*, vendor: Sun Microsystems Inc.
*Java home: /usr/java/jdk1.6.0_25/jre*
Default locale: en_US, platform encoding: UTF-8
OS name: "linux", version: "2.6.42.3-2.fc15.x86_64", arch: "amd64", family: "unix"
#
h2. Building Everything In One Build Locally Via Commandline
To run a local build of JBoss Tools 3.3 against the new *Eclipse 3.7.2*-based Target Platform, I suggest a three two-step approach:
a) build the parent & target platform poms (v0.0.2-SNAPSHOT) *[NO LONGER REQUIRED, THESE CAN BE RESOLVED FROM https://repository.jboss.org/nexus/content/repositories/snapshots/org/jbo... JBoss Nexus]*
b) resolve the target platform to your local disk *[ONLY NEEDED https://source.jboss.org/browse/JBossTools/trunk/build/target-platform/un... WHEN THIS CHANGES]*
c) build against your local copy of the target platform [every time you change sources and want to rebuild]
Once (a) and (b) are done, you need only perform (c) iteratively until you're happy (that is, until everything compiles). This lets you test changes locally before committing back to SVN.
*(a) and (b) need only be done when the parent pom and Target Platform (TP) change.*
*a) build the parent & target platform poms (v0.0.3-SNAPSHOT is used for Beta1 and Beta2; v0.0.4-SNAPSHOT is used for Beta3 and beyond, and can be found in https://repository.jboss.org/nexus/content/repositories/snapshots/org/jbo... JBoss Nexus)
*
svn co http://svn.jboss.org/repos/jbosstools/trunk jbosstools
cd jbosstools/build/parent
mvn clean install
...
[INFO] Reactor Summary:
[INFO]
[INFO] JBoss Tools Target Platform Definition ............ SUCCESS [0.724s]
[INFO] JBoss Tools Parent ................................ SUCCESS [0.461s]
...
*NOTE: You need not fetch the entire JBoss Tools tree from SVN (or Git (http://divby0.blogspot.com/2011/01/howto-partially-clone-svn-repo-to-git....
*Instead, you can just fetch the build/ folder and one or more component folders, then as before,*
*build the parent pom. After that, go into the component folder and run maven there (#runmavenpercomponent).*
mkdir jbosstools
cd jbosstools
svn co http://svn.jboss.org/repos/jbosstools/trunk/build
svn co http://svn.jboss.org/repos/jbosstools/trunk/jmx
cd jbosstools/build/parent
mvn clean install
...
[INFO] Reactor Summary:
[INFO]
[INFO] JBoss Tools Target Platform Definition ............ SUCCESS [0.724s]
[INFO] JBoss Tools Parent ................................ SUCCESS [0.461s]
...
*b) resolve the target platform to your local disk*
There are two ways to do this:
i) Download and unpack the latest TP zip, *OR*
ii) Resolve the TP using Maven or Ant
+i) Download and unpack the latest TP zip+
You can either download the TP as a zip [5] and unpack it into some folder on your disk. For convenience, the easiest is to unzip into jbosstools/build/target-platform/REPO/, since that's where the Maven or Ant process will by default operate.
You can do that with any browser or on a command line with curl or similar:
curl -C - -O http://download.jboss.org/jbosstools/updates/target-platform_3.3.indigo.SR2/<actualFilename>.target.zip
...
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 606M 100 606M 0 0 164k 0 1:02:54 1:02:54 --:--:-- 172k
and then unzip it here (the default path for -Dlocal.site, which means you can call maven with +*-Plocal.site*+ and not need to pass in +*-Dlocal.site=file:///path/to/some/other/folder/*+ as well):
mkdir -p ~/.m2/jbosstools-target-platform_3.3.indigo.SR2/
unzip *.target.zip -d ~/.m2/jbosstools-target-platform_3.3.indigo.SR2/
*(Note that the default path used for <local.site> will change every time a new target platform is released which is a significant change over the previous (eg., SR1, SR2), so if this breaks because the default not points at an empty folder, it's time to get a new TP! Hurray for build-time notification you're using an old target platform!)*
*OR*
*
*
+ii) Resolve the TP using Maven 3 or Ant 1.8+
cd jbosstools/build/target-platform
mvn clean install -Pget.local.target
The get.local.target profile will resolve the target platform file, multiple.target, as a p2 repository on your local disk in ~/trunk/build/target-platform/REPO/. It may take a while, so you're better off from a speed point-of-view simply fetching the latest zip [5]. However, if you want to see what actually happens to create the TP (as done in Hudson) this is the approach to take.
Since the Maven profile is simply a wrapper call to Ant, you can also use Ant 1.8 or later directly:
cd jbosstools/build/target-platform
ant help # show usage instructions
*c) build against your local copy of the target platform*
*NOTE:* You must specify a path starting with *file:///* (three or more slashes) to avoid errors such as "+p2.core.ProvisionException URI has an authority component+".
*LINUX / MAC USERS*
cd build
mvn clean install -U -B -fae -e -P local.site -Dlocal.site=file:///${HOME}/trunk/build/target-platform/REPO/ | tee build.all.log.txt
(tee is a program that pipes console output to BOTH console and a file so you can watch the build AND keep a log.)
*WINDOWS USERS*
cd c:\trunk\build
mvn3 clean install -U -B -fae -e -P local.site -Dlocal.site=file:///C:/trunk/build/target-platform/REPO/
or
mvn3 clean install -U -B -fae -e -Plocal.site -Dlocal.site=file:///C:/trunk/build/target-platform/REPO/ > build.all.log.txt
If you downloaded the zip and unpacked is somewhere else, use -Dlocal.site=file:///.../ to point at that folder instead.
#
h2. Building Individual Components Locally Via Commandline
First, see #build-everything previous section on building everything for parent pom and target platform bootstrapping.
Next, to build a single component (or even just a single plugin), go into that folder and run Maven there:
cd ~/trunk/jmx
mvn3 clean install -U -B -fae -e -P local.site -Dlocal.site=file:///${HOME}/trunk/build/target-platform/REPO/ | tee build.jmx.log.txt
+-- OR, if you prefer to use the "bootstrap profiles", which will build a given component PLUS its upstream JBoss Tools dependencies from source: --+
cd ~/trunk/build
mvn3 clean install -U -B -fae -e -P local.site,jmx-bootstrap -Dlocal.site=file:///${HOME}/trunk/build/target-platform/REPO/ | tee build.jmx.log.txt
++
#
h2. Building Locally In Eclipse
First, you must have installed m2eclipse into your Eclipse (or JBDS). You can install the currently supported version from this update site:
http://download.jboss.org/jbosstools/updates/indigo/ http://download.jboss.org/jbosstools/updates/indigo/
Next, start up Eclipse or JBDS and do *File > Import* to import the project(s) you already checked out from SVN above into your workspace.
https://community.jboss.org/servlet/JiveServlet/showImage/102-16604-28-13... https://community.jboss.org/servlet/JiveServlet/downloadImage/102-16604-2...
Browse to where you have the project(s) checked out, and select a folder to import pom projects. In this case, I'm importing the parent pom (which refers to the target platform pom). Optionally, you can add these new projects to a working set to collect them in your Package Explorer view.
https://community.jboss.org/servlet/JiveServlet/showImage/102-16604-28-13... https://community.jboss.org/servlet/JiveServlet/downloadImage/102-16604-2...
Once the project(s) are imported, you'll want to build them. You can either do *CTRL-SHIFT-X,M (Run Maven Build),* or right-click the project and select *Run As > Maven Build*. The following screenshots show how to configure a build job.
First, on the *Main* tab, set a *Name*, *Goals*, *Profile*(s), and add a *Parameter*. Or, if you prefer, put everything in the *Goals* field for simplicity:
+clean install -U -B -fae -e -Plocal.site -Dlocal.site=file://home/nboldt/tmp/JBT_REPO_Indigo/+
Be sure to check *Resolve Workspace artifacts*, and, if you have a newer version of Maven installed, point your build at that *Maven Runtime* instead of the bundled one that ships with m2eclipse.
https://community.jboss.org/servlet/JiveServlet/showImage/102-16604-28-13... https://community.jboss.org/servlet/JiveServlet/downloadImage/102-16604-2...
On the *JRE* tab, make sure you're using a 6.0 JDK.
https://community.jboss.org/servlet/JiveServlet/showImage/102-16604-28-13... https://community.jboss.org/servlet/JiveServlet/downloadImage/102-16604-2...
On the *Refresh* tab, define which workspace resources you want to refresh when the build's done.
https://community.jboss.org/servlet/JiveServlet/showImage/102-16604-28-13... https://community.jboss.org/servlet/JiveServlet/downloadImage/102-16604-2...
On the *Common* tab, you can store the output of the build in a log file in case it's particularly long and you need to refer back to it.
https://community.jboss.org/servlet/JiveServlet/showImage/102-16604-28-13... https://community.jboss.org/servlet/JiveServlet/downloadImage/102-16604-2...
Click *Run* to run the build.
https://community.jboss.org/servlet/JiveServlet/showImage/102-16604-28-13... https://community.jboss.org/servlet/JiveServlet/downloadImage/102-16604-2...
Now you can repeat the above step to build any other component or plugin or feature or update site from the JBoss Tools repo. Simply import the project(s) and build them as above.
h2. Tips and tricks for making BOTH PDE UI and headless Maven builds happy
It's fairly common to have plugins compiling in eclipse while tycho would not work. Basically you could say that tycho is far more picky compared to Eclipse PDE.
h3.
Check your build.properties
Check build.properties in your plugin. If it has warnings in Eclipse, you'll most likely end with tycho failing to compile your sources. You'll have to make sure that you correct all warnings.
Especially check your build.properties to have entries for *source..* and *output..*
*
*
source.. = src/
output.. = bin/
h2.
--------------------------------------------------------------
Comment by going to Community
[https://community.jboss.org/docs/DOC-16604]
Create a new document in JBoss Tools Development at Community
[https://community.jboss.org/choose-container!input.jspa?contentType=102&c...]
12 years, 9 months
