[jboss-user] [Security & JAAS/JBoss] - Re: Validating login/password AND Client Certificate

Wednesday, 25 June 2008

Here is what I did to solve the issue. 

1. I extended org.jboss.security.auth.spi.BaseCertLoginModule and overriding the method
getAliasAndCert() with my own implementation. 

2. Use my extended LoginModule in place of BaseCertLoginModule in the login-config.xml
file.

3. In the login-config.xml file use both the username/password authentication login module
and the subclassed BaseCertLoginModule

4. In jboss-service.xml find the following entry
 	 <mbean code="org.jboss.security.plugins.JaasSecurityManagerService"

    In that change the values of the properties "DefaultCacheTimeout" and 
"DefaultCacheResolution" to zero. This is to disable the caching of security
credentials, so that your certificate will be validated properly without caching.

I hope this will be helpful for anyone. If you need further details on my implementation
of the getAliasAndCert() method, let me know. I will post the relevent portions of the
code in the forum.

View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4160436#...

Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

[jboss-user] [Security & JAAS/JBoss] - Re: Validating login/password AND Client Certificate