[jboss-dev-forums] [Design of Security on JBoss] - Re: Security Injection in AS5

sguilhen@redhat.com do-not-reply at jboss.com
Tue Mar 25 12:12:04 EDT 2008 

Here is some background information

As part of http://jira.jboss.org/jira/browse/JBAS-5312, I've created a new file, security-policies-beans.xml and configured the DynamicLoginConfig as a bean:


  | <?xml version="1.0" encoding="UTF-8"?>
  | 
  | <deployment xmlns="urn:jboss:bean-deployer:2.0">
  | 
  |    <bean name="StandardLoginConfig" class="org.jboss.security.auth.login.DynamicLoginConfig">
  |       <property name="policyConfig">
  |          <jbsx:policy
  |             xsi:schemaLocation="urn:jboss:security-config:5.0 resource:security-config_5_0.xsd"
  |             xmlns:jbsx="urn:jboss:security-config:5.0"
  |             xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
  |             <jbsx:application-policy name="jboss-web-policy" extends="other">
  |               <jbsx:authentication>
  |               </jbsx:authentication>
  |               <jbsx:authorization>
  |                <jbsx:policy-module code="org.jboss.security.authorization.modules.DelegatingAuthorizationModule" flag="required"/>
  |               </jbsx:authorization>
  |             </jbsx:application-policy>
  |             <jbsx:application-policy name="jboss-ejb-policy" extends="other">
  |               <jbsx:authentication>
  |               </jbsx:authentication>
  |               <jbsx:authorization>
  |                <jbsx:policy-module code="org.jboss.security.authorization.modules.DelegatingAuthorizationModule" flag="required"/>
  |               </jbsx:authorization>
  |             </jbsx:application-policy>
  |          </jbsx:policy>
  |       </property>
  |       <property name="mbeanServer"><inject bean="JMXKernel" property="mbeanServer"/></property>
  |       <property name="loginConfigService">jboss.security:service=XMLLoginConfig</property>
  |       <property name="securityManagerService">jboss.security:service=JaasSecurityManager</property>
  |       <!-- dependency to allow for a smooth shutdown -->
  |       <depends>jboss.security:service=XMLLoginConfig</depends>
  |    </bean>
  | 
  | </deployment>
  | 

This file replaced the old security-policies-service.xml, that was used to configure the DynamicLoginConfig as an MBean. I have tested this new configuration in many ways to make sure it was being properly parsed and the bean was being properly created.

Before committing the changes, I've decided to update the AS workspace to make sure everything was still working. I then started getting the parse error saying that  was not found as child of .

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4138774#4138774

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4138774

More information about the jboss-dev-forums mailing list