[jboss-user] [Security & JAAS/JBoss] - Re: Http status error 404: you requested resources are not a
jdsignature
do-not-reply at jboss.com
Fri Oct 26 15:36:55 EDT 2007
Thanks for your reply,
Can you tell me how I can have the container invoke the customized login module? you can see all my config files in the previous thread.
Does the container invoke a hidden servlet to handle the j_security_check action from the form?
where i should place the customized login module? under \jboss_home\server\default\deploy?
how many places need to be configured? jboss-web.xml, web.xml,login-config.xml, anywhere else?
<?xml version="1.0"?>
<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.2//EN" "http://java.sun.com/j2ee/dtds/web-app_2_2.dtd">
<web-app>
<welcome-file-list>
<welcome-file>index.html</welcome-file>
</welcome-file-list>
<security-constraint>
<web-resource-collection>
<web-resource-name>SecurePages</web-resource-name>
Security constraint for resources in the secure directory
<url-pattern>/secure/*</url-pattern>
<http-method>POST</http-method>
<http-method>GET</http-method>
</web-resource-collection>
<auth-constraint>
only let the system user login
<role-name>admin</role-name>
</auth-constraint>
<user-data-constraint>
SSL not required
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/login.html</form-login-page>
<form-error-page>/LoginError.html</form-error-page>
</form-login-config>
</login-config>
<security-role>
The Secure ROLE
<role-name>admin</role-name>
</security-role>
</web-app>
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4099475#4099475
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4099475
More information about the jboss-user
mailing list