We have configured JAAS to authenticate users using digital certificates and roles stored
in a database. It work fine, but we have a problem with the "Principal".
By default, when you use a digital certificate in JAAS, the Principal is the
"DN:Distinguished Name" of the user certificate. But we want to map this
Principal with another more simple like "user1", because the DN is a long text.
In the login-config.xml we use:
<application-policy name = "app1">
<login-module code =
"org.jboss.security.auth.spi.DatabaseCertLoginModule"
flag = "required">
<module-option name =
"password-stacking">useFirstPass</module-option>
<module-option name =
"securityDomain">java:/jaas/jmx-console</module-option>
<module-option name =
"verifier">org.jboss.security.auth.certs.AnyCertVerifier</module-option>
<module-option name =
"dsJndiName">java:/MySqlDS</module-option>
<module-option name = "rolesQuery">SELECT Role,
'Roles' FROM Roles WHERE ID=?</module-option>
</login-module>
</application-policy>
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4090110#...
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...