[jboss-jira] [JBoss JIRA] Closed: (SECURITY-280) JASPI configuration delegating to JAAS login configuration

JASPI configuration delegating to JAAS login configuration ---------------------------------------------------------- Key: SECURITY-280 URL: https://jira.jboss.org/jira/browse/SECURITY-280 Project: JBoss Security and Identity Management Issue Type: Feature Request Security Level: Public(Everyone can see) Components: JBossSX Affects Versions: 2.0.2.CR6 Reporter: Anil Saldhana Assignee: Stefan Guilhen Fix For: 2.0.2.CR7 <deployment xmlns="urn:jboss:bean-deployer:2.0"> <application-policy xmlns="urn:jboss:security-beans:1.0" name="jaspi-test"> <authentication-jaspi> <login-module-stack name="lm-stack"> <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="required"> </login-module> </login-module-stack> <auth-module code="org.jboss.web.tomcat.security.jaspi.modules.HTTPBasicServerAuthModule" login-module-stack-ref="lm-stack"/> </authentication-jaspi> </application-policy> </deployment> Now since the jaspi layer tries to delegate stuff to the JAAS layer. We need to ensure that the JDK Configuration.getAppConfigurationEntry("jaspi-test") should be returning the stuff that is defined in the login module stack.