[jboss-user] [JBoss Getting Started Documentation] - Section 2.2.3: Security Service. A documentation bug.
berliita
do-not-reply at jboss.com
Mon Jul 16 16:38:20 EDT 2007
Buggy sentence: "If you've configured everything correctly and re-deployed the application, the next time you try to access the JMX Console, JBoss will ask you for a name and password."
Bug: Even if the reader follows meticulously the steps enumerated in the section, JBoss does not ask for a name and password. Instead, an error message is displayed: "HTTP Status 403 - Access to the requested resource has been denied".
Reason for the bug: The deploy/jmx-cosole.war/WEB-INF/web.xml file doesn't contain a "login-config" element. In order that an authentication dialog pops up, a "login-config" element must be present as a child of the root element (i.e. "web-app"). It must take the following form:
<login-config>
| <auth-method>XXX</auth-method>
| <realm-name>YYY</realm-name>
| </login-config>
where XXX is one of "BASIC", "DIGEST", "FORM", and "CLIENT-CERT", and YYY is a string to be displayed on the authentication dialog.
Bug fix: Add to the section instructions to add to the web.xml file a proper "login-config" element, as described above.
References: http://wiki.jboss.org/wiki/Wiki.jsp?page=SecureAWebApplicationInJBoss (point 1).
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4064728#4064728
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4064728
More information about the jboss-user
mailing list