[jboss-user] [Security & JAAS/JBoss] - HowTo Link LDAP-Group with Roles?
Zwitsch
do-not-reply at jboss.com
Thu Dec 7 12:50:49 EST 2006
Hi,
I spend nearly the whole day, reading tutorials, forums and books... I finally got my authentication working but am stuck with the authorization.
I can login, but am getting - reasonably - a 403 error.
I'm originally coming from WebSphere where the EAR links the LDAP-Groups with the JAAS roles with a ibm-application-bnd.xmi.
But how can I make it on Jboss???
I set up login-config.xml, application.xml (ear), jboss-web.xml and web.xml to make the authentication happen. Any other file to edit/add?
Thanks in advantage for you help!
Zwitsch
application.xml
| <display-name>
| KaskoEAR</display-name>
| <module>
| <web>
| <web-uri>Kasko.war</web-uri>
| <context-root>kasko</context-root>
| </web>
| </module>
| <security-role id="user">
| <description>User</description>
| <role-name>user</role-name>
| </security-role>
| <security-role id="poweruser">
| <description>Poweruser</description>
| <role-name>poweruser</role-name>
| </security-role>
| <security-role id="admin">
| <description>Admin User</description>
| <role-name>admin</role-name>
| </security-role>
| </application>
web.xml (extract)
!-- Security Config -->
|
| <login-config>
| <auth-method>BASIC</auth-method>
| <realm-name>Kasko Login</realm-name>
| </login-config>
|
| <!-- Security Contraints -->
|
| <security-constraint>
| <web-resource-collection>
| <web-resource-name>Admin</web-resource-name>
| <url-pattern>/Start</url-pattern>
| <http-method>GET</http-method>
| <http-method>POST</http-method>
| </web-resource-collection>
| <auth-constraint>
| <role-name>admin</role-name>
| </auth-constraint>
| </security-constraint>
|
| <!-- Security Roles -->
|
| <security-role>
| <description>Administrator</description>
| <role-name>admin</role-name>
| </security-role>
jboss-web.xml
<jboss-web>
|
| <context-root>/kasko</context-root>
|
| <security-domain>java:/jaas/testdomain</security-domain>
|
| </jboss-web>
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3992020#3992020
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3992020
More information about the jboss-user
mailing list