[jboss-cvs] JBossAS SVN: r104476 - in branches/JBPAPP_5_1_hornetq-int: hornetq-int/src/etc and 1 other directories.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Wed May 5 09:45:31 EDT 2010
Author: ataylor
Date: 2010-05-05 09:45:30 -0400 (Wed, 05 May 2010)
New Revision: 104476
Added:
branches/JBPAPP_5_1_hornetq-int/hornetq-int/src/resources/hornetq-roles.properties
branches/JBPAPP_5_1_hornetq-int/hornetq-int/src/resources/hornetq-users.properties
branches/JBPAPP_5_1_hornetq-int/hornetq-int/src/resources/login-config.xml
Modified:
branches/JBPAPP_5_1_hornetq-int/build/build-distr.xml
branches/JBPAPP_5_1_hornetq-int/hornetq-int/src/etc/switch.sh
Log:
added security stuff
Modified: branches/JBPAPP_5_1_hornetq-int/build/build-distr.xml
===================================================================
--- branches/JBPAPP_5_1_hornetq-int/build/build-distr.xml 2010-05-05 13:03:01 UTC (rev 104475)
+++ branches/JBPAPP_5_1_hornetq-int/build/build-distr.xml 2010-05-05 13:45:30 UTC (rev 104476)
@@ -799,6 +799,7 @@
<copy todir="${install.root}/extras/hornetq">
<fileset dir="${_module.output}/">
<include name="resources/*.xml"/>
+ <include name="resources/*.properties"/>
<include name="lib/**/*"/>
</fileset>
</copy>
Modified: branches/JBPAPP_5_1_hornetq-int/hornetq-int/src/etc/switch.sh
===================================================================
--- branches/JBPAPP_5_1_hornetq-int/hornetq-int/src/etc/switch.sh 2010-05-05 13:03:01 UTC (rev 104475)
+++ branches/JBPAPP_5_1_hornetq-int/hornetq-int/src/etc/switch.sh 2010-05-05 13:45:30 UTC (rev 104476)
@@ -31,13 +31,21 @@
rm $JBOSS_HOME/server/$CONFIG_NAME/deployers/messaging-definitions-jboss-beans.xml
cp resources/ejb-deployer-jboss-beans.xml $JBOSS_HOME/server/$CONFIG_NAME/deployers/
-mkdir $JBOSS_HOME/server/$CONFIG_NAME/deploy/hornetq
+rm -r $JBOSS_HOME/server/$CONFIG_NAME/conf/props/messaging-roles.properties
+rm -r $JBOSS_HOME/server/$CONFIG_NAME/conf/props/messaging-users.properties
-cp resources/jboss-as-6/$CONFIG/hornetq-configuration.xml $JBOSS_HOME/server/$CONFIG_NAME/deploy/hornetq
-cp resources/jboss-as-6/$CONFIG/hornetq-jboss-beans.xml $JBOSS_HOME/server/$CONFIG_NAME/deploy/hornetq
-cp resources/jboss-as-6/$CONFIG/hornetq-jms.xml $JBOSS_HOME/server/$CONFIG_NAME/deploy/hornetq
-cp resources/jboss-as-6/$CONFIG/jms-ds.xml $JBOSS_HOME/server/$CONFIG_NAME/deploy/hornetq
+cp resources/hornetq-roles.properties $JBOSS_HOME/server/$CONFIG_NAME/conf/props/
+cp resources/hornetq-users.properties $JBOSS_HOME/server/$CONFIG_NAME/conf/props/
+cp resources/login-config.xml $JBOSS_HOME/server/$CONFIG_NAME/conf/
+mkdir $JBOSS_HOME/server/$CONFIG_NAME/deploy/hornetq.sar
+
+cp resources/jboss-as-6/$CONFIG/hornetq-configuration.xml $JBOSS_HOME/server/$CONFIG_NAME/deploy/hornetq.sar
+cp resources/jboss-as-6/$CONFIG/hornetq-jboss-beans.xml $JBOSS_HOME/server/$CONFIG_NAME/deploy/hornetq.sar
+cp resources/jboss-as-6/$CONFIG/hornetq-jms.xml $JBOSS_HOME/server/$CONFIG_NAME/deploy/hornetq.sar
+cp resources/jboss-as-6/$CONFIG/jms-ds.xml $JBOSS_HOME/server/$CONFIG_NAME/deploy/hornetq.sar
+
+
rm $JBOSS_HOME/server/$CONFIG_NAME/deploy/jms-ra.rar
mkdir $JBOSS_HOME/server/$CONFIG_NAME/deploy/jms-ra.rar
@@ -49,4 +57,5 @@
}
create "default" "non-clustered"
create "all" "clustered"
+create "standard" "non-clustered"
Added: branches/JBPAPP_5_1_hornetq-int/hornetq-int/src/resources/hornetq-roles.properties
===================================================================
--- branches/JBPAPP_5_1_hornetq-int/hornetq-int/src/resources/hornetq-roles.properties (rev 0)
+++ branches/JBPAPP_5_1_hornetq-int/hornetq-int/src/resources/hornetq-roles.properties 2010-05-05 13:45:30 UTC (rev 104476)
@@ -0,0 +1,4 @@
+#
+# user=role1,role2,...
+#
+guest=guest
Added: branches/JBPAPP_5_1_hornetq-int/hornetq-int/src/resources/hornetq-users.properties
===================================================================
--- branches/JBPAPP_5_1_hornetq-int/hornetq-int/src/resources/hornetq-users.properties (rev 0)
+++ branches/JBPAPP_5_1_hornetq-int/hornetq-int/src/resources/hornetq-users.properties 2010-05-05 13:45:30 UTC (rev 104476)
@@ -0,0 +1,4 @@
+#
+# user=password
+#
+guest=guest
\ No newline at end of file
Added: branches/JBPAPP_5_1_hornetq-int/hornetq-int/src/resources/login-config.xml
===================================================================
--- branches/JBPAPP_5_1_hornetq-int/hornetq-int/src/resources/login-config.xml (rev 0)
+++ branches/JBPAPP_5_1_hornetq-int/hornetq-int/src/resources/login-config.xml 2010-05-05 13:45:30 UTC (rev 104476)
@@ -0,0 +1,146 @@
+<?xml version='1.0'?>
+
+<!-- The XML based JAAS login configuration read by the
+org.jboss.security.auth.login.XMLLoginConfig mbean. Add
+an application-policy element for each security domain.
+
+The outline of the application-policy is:
+<application-policy name="security-domain-name">
+ <authentication>
+ <login-module code="login.module1.class.name" flag="control_flag">
+ <module-option name = "option1-name">option1-value</module-option>
+ <module-option name = "option2-name">option2-value</module-option>
+ ...
+ </login-module>
+
+ <login-module code="login.module2.class.name" flag="control_flag">
+ ...
+ </login-module>
+ ...
+ </authentication>
+</application-policy>
+
+$Id: login-config.xml 76444 2008-07-29 23:50:53Z sguilhen at redhat.com $
+$Revision: 76444 $
+-->
+
+<policy>
+ <!-- Used by clients within the application server VM such as
+ mbeans and servlets that access EJBs.
+ -->
+ <application-policy name="client-login">
+ <authentication>
+ <login-module code="org.jboss.security.ClientLoginModule"
+ flag="required">
+ <!-- Any existing security context will be restored on logout -->
+ <module-option name="restore-login-identity">true</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <!-- Security domains for testing new jca framework -->
+ <application-policy name="HsqlDbRealm">
+ <authentication>
+ <login-module code="org.jboss.resource.security.ConfiguredIdentityLoginModule"
+ flag="required">
+ <module-option name="principal">sa</module-option>
+ <module-option name="userName">sa</module-option>
+ <module-option name="password"></module-option>
+ <module-option name="managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=DefaultDS</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <application-policy name="JmsXARealm">
+ <authentication>
+ <login-module code="org.jboss.resource.security.ConfiguredIdentityLoginModule"
+ flag="required">
+ <module-option name="principal">guest</module-option>
+ <module-option name="userName">guest</module-option>
+ <module-option name="password">guest</module-option>
+ <module-option name="managedConnectionFactoryName">jboss.jca:service=TxCM,name=JmsXA</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <!-- A template configuration for hornetq. This
+ defaults to the UsersRolesLoginModule the same as other and should be
+ changed to a stronger authentication mechanism as required.
+ -->
+<application-policy name="hornetq">
+ <authentication>
+ <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
+ flag="required">
+ <module-option name = "unauthenticatedIdentity">guest</module-option>
+ <module-option name="usersProperties">props/hornetq-users.properties</module-option>
+ <module-option name="rolesProperties">props/hornetq-roles.properties</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <!-- A template configuration for the jmx-console web application. This
+ defaults to the UsersRolesLoginModule the same as other and should be
+ changed to a stronger authentication mechanism as required.
+ -->
+ <application-policy name="jmx-console">
+ <authentication>
+ <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
+ flag="required">
+ <module-option name="usersProperties">props/jmx-console-users.properties</module-option>
+ <module-option name="rolesProperties">props/jmx-console-roles.properties</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <!-- A template configuration for the web-console web application. This
+ defaults to the UsersRolesLoginModule the same as other and should be
+ changed to a stronger authentication mechanism as required.
+ -->
+ <application-policy name="web-console">
+ <authentication>
+ <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
+ flag="required">
+ <module-option name="usersProperties">web-console-users.properties</module-option>
+ <module-option name="rolesProperties">web-console-roles.properties</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <!--
+ A template configuration for the JBossWS security domain.
+ This defaults to the UsersRolesLoginModule the same as other and should be
+ changed to a stronger authentication mechanism as required.
+ -->
+ <application-policy name="JBossWS">
+ <authentication>
+ <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
+ flag="required">
+ <module-option name="usersProperties">props/jbossws-users.properties</module-option>
+ <module-option name="rolesProperties">props/jbossws-roles.properties</module-option>
+ <module-option name="unauthenticatedIdentity">anonymous</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <!-- The default login configuration used by any security domain that
+ does not have a application-policy entry with a matching name
+ -->
+ <application-policy name="other">
+ <!-- A simple server login module, which can be used when the number
+ of users is relatively small. It uses two properties files:
+ users.properties, which holds users (key) and their password (value).
+ roles.properties, which holds users (key) and a comma-separated list of
+ their roles (value).
+ The unauthenticatedIdentity property defines the name of the principal
+ that will be used when a null username and password are presented as is
+ the case for an unuathenticated web client or MDB. If you want to
+ allow such users to be authenticated add the property, e.g.,
+ unauthenticatedIdentity="nobody"
+ -->
+ <authentication>
+ <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
+ flag="required"/>
+ </authentication>
+ </application-policy>
+
+</policy>
More information about the jboss-cvs-commits
mailing list