Tim H [
https://community.jboss.org/people/queuenut] commented on the document
"Using JBoss Negotiation on AS7"
To view all comments on this document, visit:
https://community.jboss.org/docs/DOC-16876#comment-10723
--------------------------------------------------
In order to get the jboss-negotiation-toolkit.war working under AS7.1, in addition to the
above, I had to add an extra login-module to the SPNEGO security-domain.
<login-module code="RealmUsersRoles" flag="required">
<module-option name="usersProperties"
value="/path/to/application-users.properties"/>
<module-option name="rolesProperties"
value="/path/to/application-roles.properties"/>
<module-option name="realm" value="ApplicationRealm"/>
<module-option name="password-stacking"
value="useFirstPass"/>
</login-module>
This is basically a copy of the entry for the "other" domain. I had to add the
full path to the two properties files as it didn't like ${jboss.server.config.dir} (I
was running on Windows using standalone.bat).
Lastly, I had to add the user entry to application-roles.properties
username@DOMAIN=Users
--------------------------------------------------