[jboss-user] [JBoss Portal] - Re: Custom Authentication

bdaw do-not-reply at jboss.com
Thu Jan 18 14:14:58 EST 2007


First of all PortalDS is not only for users. Portal objects, security and etc. is persisted there. Then rhere are two separate issues here:
1) Users management - so you can keep users in any other place. Abstraction is made by implementing UserModule and RoleModule (in 2.4) plus MembershipModule and UserProfileModule (in 2.6)

2) Authetication. JBoss Portal just plugs into JAAS in JBoss AS so in this case JBossSX. Look at login-config.xml. Portal implementation of LoginModule interface just relies on UserModule and RoleModule, and you need to inject additional role for each user (by default "Authenticated") that is used for securing Portal Servlet (look in web.xml for portal-server.war). You can use any other LoginModule implementation - just remember about portal servlet security.

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4003483#4003483

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4003483



More information about the jboss-user mailing list