[jboss-user] [Security & JAAS/JBoss] - Re: mapping principals with digital certificates

anil.saldhana@jboss.com do-not-reply at jboss.com
Wed Oct 10 12:08:00 EDT 2007


  |          <!-- The JAAS based authentication and authorization realm implementati
  | on
  |          that is compatible with the jboss 3.2.x realm implementation.
  |          - certificatePrincipal : the class name of the
  |          org.jboss.security.auth.certs.CertificatePrincipal impl
  |          used for mapping X509[] cert chains to a Princpal.
  |          - allRolesMode : how to handle an auth-constraint with a role-name=*,
  |          one of strict, authOnly, strictAuthOnly
  |            + strict = Use the strict servlet spec interpretation which requires
  |            that the user have one of the web-app/security-role/role-name
  |            + authOnly = Allow any authenticated user
  |            + strictAuthOnly = Allow any authenticated user only if there are no
  |            web-app/security-roles
  |          -->
  |          <Realm className="org.jboss.web.tomcat.security.JBossSecurityMgrRealm"
  |             certificatePrincipal="org.jboss.security.auth.certs.SubjectDNMapping
  | "
  |             allRolesMode="authOnly"
  |             />
  | 

server.xml  - Realm

I think you need an implementation of CertificatePrincipal

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4093590#4093590

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4093590



More information about the jboss-user mailing list