[jboss-user] [Security & JAAS/JBoss] - mapping principals with digital certificates
oconesa
do-not-reply at jboss.com
Mon Oct 1 04:18:05 EDT 2007
We have configured JAAS to authenticate users using digital certificates and roles stored in a database. It work fine, but we have a problem with the "Principal".
By default, when you use a digital certificate in JAAS, the Principal is the "DN:Distinguished Name" of the user certificate. But we want to map this Principal with another more simple like "user1", because the DN is a long text.
In the login-config.xml we use:
<application-policy name = "app1">
<login-module code = "org.jboss.security.auth.spi.DatabaseCertLoginModule"
flag = "required">
<module-option name = "password-stacking">useFirstPass</module-option>
<module-option name = "securityDomain">java:/jaas/jmx-console</module-option>
<module-option name = "verifier">org.jboss.security.auth.certs.AnyCertVerifier</module-option>
<module-option name = "dsJndiName">java:/MySqlDS</module-option>
<module-option name = "rolesQuery">SELECT Role, 'Roles' FROM Roles WHERE ID=?</module-option>
</login-module>
</application-policy>
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4090110#4090110
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4090110
More information about the jboss-user
mailing list