[jboss-cvs] JBossAS SVN: r70418 - in projects/security/security-negotiation/trunk: spnego-configuration and 2 other directories.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Wed Mar 5 07:46:48 EST 2008
Author: darran.lofthouse at jboss.com
Date: 2008-03-05 07:46:48 -0500 (Wed, 05 Mar 2008)
New Revision: 70418
Added:
projects/security/security-negotiation/trunk/spnego-configuration/
projects/security/security-negotiation/trunk/spnego-configuration/.classpath
projects/security/security-negotiation/trunk/spnego-configuration/.project
projects/security/security-negotiation/trunk/spnego-configuration/build.xml
projects/security/security-negotiation/trunk/spnego-configuration/descriptors/
projects/security/security-negotiation/trunk/spnego-configuration/descriptors/darranlaptop.host.keytab
projects/security/security-negotiation/trunk/spnego-configuration/descriptors/jboss-service.xml
projects/security/security-negotiation/trunk/spnego-configuration/descriptors/login-config.xml
projects/security/security-negotiation/trunk/spnego-configuration/descriptors/spnego-roles.properties
projects/security/security-negotiation/trunk/spnego-configuration/descriptors/spnego-users.properties
projects/security/security-negotiation/trunk/spnego-configuration/src/
projects/security/security-negotiation/trunk/spnego-configuration/src/main/
Log:
Sample project to allow almost complete configuation within a sar.
Property changes on: projects/security/security-negotiation/trunk/spnego-configuration
___________________________________________________________________
Name: svn:ignore
+ bin
build
Added: projects/security/security-negotiation/trunk/spnego-configuration/.classpath
===================================================================
--- projects/security/security-negotiation/trunk/spnego-configuration/.classpath (rev 0)
+++ projects/security/security-negotiation/trunk/spnego-configuration/.classpath 2008-03-05 12:46:48 UTC (rev 70418)
@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<classpath>
+ <classpathentry kind="src" path="src/main"/>
+ <classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER"/>
+ <classpathentry kind="output" path="bin"/>
+</classpath>
Added: projects/security/security-negotiation/trunk/spnego-configuration/.project
===================================================================
--- projects/security/security-negotiation/trunk/spnego-configuration/.project (rev 0)
+++ projects/security/security-negotiation/trunk/spnego-configuration/.project 2008-03-05 12:46:48 UTC (rev 70418)
@@ -0,0 +1,17 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<projectDescription>
+ <name>spnego-configuration</name>
+ <comment></comment>
+ <projects>
+ </projects>
+ <buildSpec>
+ <buildCommand>
+ <name>org.eclipse.jdt.core.javabuilder</name>
+ <arguments>
+ </arguments>
+ </buildCommand>
+ </buildSpec>
+ <natures>
+ <nature>org.eclipse.jdt.core.javanature</nature>
+ </natures>
+</projectDescription>
Added: projects/security/security-negotiation/trunk/spnego-configuration/build.xml
===================================================================
--- projects/security/security-negotiation/trunk/spnego-configuration/build.xml (rev 0)
+++ projects/security/security-negotiation/trunk/spnego-configuration/build.xml 2008-03-05 12:46:48 UTC (rev 70418)
@@ -0,0 +1,53 @@
+
+<!-- Keeping the generic project name is important so we can deploy either project to
+ replace the config. -->
+
+<project name="LoginConfiguration" default="deploy" basedir=".">
+
+ <property name="src.dir" location="${basedir}/src" />
+ <property name="descriptors.dir" location="${basedir}/descriptors" />
+ <property name="lib.dir" location="${basedir}/lib" />
+
+ <property name="build.dir" location="${basedir}/build" />
+ <property name="build.classes.dir" location="${build.dir}/classes" />
+ <property name="build.deliverables.dir" location="${build.dir}/deliverables" />
+
+ <property name="jboss.home" location="/home/darranl/src/links/JBoss_Current" />
+ <property name="jboss.server.dir" location="${jboss.home}/server/default" />
+
+ <path id="project.classpath">
+ <fileset dir="${jboss.home}">
+ <include name="client/jbossall-client.jar" />
+ </fileset>
+ </path>
+
+ <target name="prepare">
+ <mkdir dir="${build.dir}"/>
+ <mkdir dir="${build.classes.dir}"/>
+ <mkdir dir="${build.deliverables.dir}"/>
+ </target>
+
+ <target name="compile" depends="prepare">
+ <!--javac srcdir="${src.dir}" destdir="${build.classes.dir}" debug="on" deprecation="on" optimize="off">
+ <classpath refid="project.classpath" />
+ </javac-->
+ </target>
+
+ <target name="package" depends="compile">
+ <jar destfile="${build.deliverables.dir}/${ant.project.name}.sar">
+ <metainf dir="${descriptors.dir}">
+ <include name="jboss-service.xml"/>
+ <include name="login-config.xml"/>
+ <include name="kerberos_darranl_com.keytab"/>
+ <include name="*.properties" />
+ </metainf>
+ <fileset dir="${build.classes.dir}">
+ <include name="**/*.class" />
+ </fileset>
+ </jar>
+ </target>
+
+ <target name="deploy" depends="package">
+ <copy file="${build.deliverables.dir}/${ant.project.name}.sar" todir="${jboss.server.dir}/deploy" />
+ </target>
+</project>
\ No newline at end of file
Property changes on: projects/security/security-negotiation/trunk/spnego-configuration/build.xml
___________________________________________________________________
Name: svn:keywords
+ Id Revision
Name: svn:eol-style
+ LF
Added: projects/security/security-negotiation/trunk/spnego-configuration/descriptors/darranlaptop.host.keytab
===================================================================
(Binary files differ)
Property changes on: projects/security/security-negotiation/trunk/spnego-configuration/descriptors/darranlaptop.host.keytab
___________________________________________________________________
Name: svn:mime-type
+ application/octet-stream
Added: projects/security/security-negotiation/trunk/spnego-configuration/descriptors/jboss-service.xml
===================================================================
--- projects/security/security-negotiation/trunk/spnego-configuration/descriptors/jboss-service.xml (rev 0)
+++ projects/security/security-negotiation/trunk/spnego-configuration/descriptors/jboss-service.xml 2008-03-05 12:46:48 UTC (rev 70418)
@@ -0,0 +1,32 @@
+<?xml version='1.0' encoding='UTF-8' ?>
+
+<!DOCTYPE server
+ PUBLIC "-//JBoss//DTD MBean Service 4.0//EN"
+ "http://www.jboss.org/j2ee/dtd/jboss-service_4_0.dtd">
+
+<server>
+
+ <mbean code="org.jboss.varia.property.SystemPropertiesService"
+ name="jboss.support:service=SystemProperties">
+
+ <attribute name="Properties">
+ java.security.krb5.kdc=dev44.qa.atl.jboss.com
+ java.security.krb5.realm=DEV44.QA.ATL.JBOSS.COM
+ </attribute>
+
+ </mbean>
+
+ <mbean code="org.jboss.security.auth.login.DynamicLoginConfig"
+ name="jboss.support:service=DynamicLoginConfig">
+
+ <attribute name="AuthConfig">META-INF/login-config.xml</attribute>
+
+ <depends optional-attribute-name="LoginConfigService">
+ jboss.security:service=XMLLoginConfig
+ </depends>
+ <depends optional-attribute-name="SecurityManagerService">
+ jboss.security:service=JaasSecurityManager
+ </depends>
+ </mbean>
+
+</server>
Property changes on: projects/security/security-negotiation/trunk/spnego-configuration/descriptors/jboss-service.xml
___________________________________________________________________
Name: svn:keywords
+ Id Revision
Name: svn:eol-style
+ LF
Added: projects/security/security-negotiation/trunk/spnego-configuration/descriptors/login-config.xml
===================================================================
--- projects/security/security-negotiation/trunk/spnego-configuration/descriptors/login-config.xml (rev 0)
+++ projects/security/security-negotiation/trunk/spnego-configuration/descriptors/login-config.xml 2008-03-05 12:46:48 UTC (rev 70418)
@@ -0,0 +1,86 @@
+<?xml version='1.0'?>
+<!DOCTYPE policy PUBLIC
+ "-//JBoss//DTD JBOSS Security Config 3.0//EN"
+ "http://www.jboss.org/j2ee/dtd/security_config.dtd">
+
+<!-- The XML based JAAS login configuration read by the
+org.jboss.security.auth.login.XMLLoginConfig mbean. Add
+an application-policy element for each security domain.
+
+The outline of the application-policy is:
+<application-policy name="security-domain-name">
+ <authentication>
+ <login-module code="login.module1.class.name" flag="control_flag">
+ <module-option name = "option1-name">option1-value</module-option>
+ <module-option name = "option2-name">option2-value</module-option>
+ ...
+ </login-module>
+
+ <login-module code="login.module2.class.name" flag="control_flag">
+ ...
+ </login-module>
+ ...
+ </authentication>
+</application-policy>
+
+$Revision$
+-->
+
+<policy>
+
+ <application-policy name="host">
+ <authentication>
+ <login-module code="com.sun.security.auth.module.Krb5LoginModule"
+ flag="required">
+ <module-option name="storeKey">true</module-option>
+ <module-option name="useKeyTab">true</module-option>
+ <module-option name="keyTab">/home/darranl/src/kerberos/LoginConfiguration_Dev44/descriptors/darranlaptop.host.keytab</module-option>
+ <module-option name="principal">darranlaptop at DEV44.QA.ATL.JBOSS.COM</module-option>
+ <module-option name="doNotPrompt">true</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <application-policy name="SPNEGO">
+ <authentication>
+ <login-module
+ code="org.jboss.security.negotiation.spnego.SPNEGOLoginModule"
+ flag="requisite">
+ <module-option name="password-stacking">useFirstPass</module-option>
+ <module-option name="serverSecurityDomain">
+ host
+ </module-option>
+ </login-module>
+ <login-module
+ code="org.jboss.security.auth.spi.UsersRolesLoginModule"
+ flag="required">
+ <module-option name="password-stacking">useFirstPass</module-option>
+ <module-option name="usersProperties">META-INF/spnego-users.properties</module-option>
+ <module-option name="rolesProperties">META-INF/spnego-roles.properties</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <!-- The default login configuration used by any security domain that
+ does not have a application-policy entry with a matching name
+ -->
+ <application-policy name = "other">
+ <!-- A simple server login module, which can be used when the number
+ of users is relatively small. It uses two properties files:
+ users.properties, which holds users (key) and their password (value).
+ roles.properties, which holds users (key) and a comma-separated list of
+ their roles (value).
+ The unauthenticatedIdentity property defines the name of the principal
+ that will be used when a null username and password are presented as is
+ the case for an unuathenticated web client or MDB. If you want to
+ allow such users to be authenticated add the property, e.g.,
+ unauthenticatedIdentity="nobody"
+ -->
+ <authentication>
+ <login-module code = "org.jboss.security.auth.spi.UsersRolesLoginModule"
+ flag = "required" />
+ </authentication>
+ </application-policy>
+
+</policy>
+
Property changes on: projects/security/security-negotiation/trunk/spnego-configuration/descriptors/login-config.xml
___________________________________________________________________
Name: svn:keywords
+ Id Revision
Name: svn:eol-style
+ LF
Added: projects/security/security-negotiation/trunk/spnego-configuration/descriptors/spnego-roles.properties
===================================================================
--- projects/security/security-negotiation/trunk/spnego-configuration/descriptors/spnego-roles.properties (rev 0)
+++ projects/security/security-negotiation/trunk/spnego-configuration/descriptors/spnego-roles.properties 2008-03-05 12:46:48 UTC (rev 70418)
@@ -0,0 +1,2 @@
+# A roles.properties file for use with the UsersRolesLoginModule
+darranl at DEV44.QA.ATL.JBOSS.COM=Mathematician,JBossAdmin
Added: projects/security/security-negotiation/trunk/spnego-configuration/descriptors/spnego-users.properties
===================================================================
--- projects/security/security-negotiation/trunk/spnego-configuration/descriptors/spnego-users.properties (rev 0)
+++ projects/security/security-negotiation/trunk/spnego-configuration/descriptors/spnego-users.properties 2008-03-05 12:46:48 UTC (rev 70418)
@@ -0,0 +1 @@
+
More information about the jboss-cvs-commits
mailing list