[jboss-user] [Security & JAAS/JBoss] - role-name in web.xml <-> principals?

SideWinder do-not-reply at jboss.com
Wed Nov 15 08:50:20 EST 2006

I am currently using JBoss 4.0.4 and try to write my own LoginModule to authenticate to a restricted web resource collection:

  | <security-constraint>
  | 	<web-resource-collection>
  | 		<web-resource-name>SampleApplication</web-resource-name>
  | 		<url-pattern>/SampleApplication/*</url-pattern>
  | 	</web-resource-collection>
  | 	<auth-constraint>
  | 		<role-name>CertifiedUser</role-name>
  | 	</auth-constraint>
  | 	<user-data-constraint>
  | 		<transport-guarantee>NONE</transport-guarantee>
  | 	</user-data-constraint>
  | </security-constraint>
  | <security-role>
  | 		<role-name>CertifiedUser</role-name>
  | </security-role>
the login with my login module works well, the principals are set. but i don't understand how to add the subject a role of the web.xml, in order to access the restricted content.

best regards,

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3986136#3986136

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3986136

More information about the jboss-user mailing list