[jboss-user] [Security & JAAS/JBoss] - Re: Can I create a login .war module that my other .war modu
ragavgomatam
do-not-reply at jboss.com
Thu Jan 10 22:27:20 EST 2008
Answer is no. Make it a Custom Jaas Module & sprinkle <security-constraint>
| <web-resource-collection>
| <web-resource-name>SecurePages</web-resource-name>
| <description>
| Security constraint testing using custom Jaas Module
| </description>
| <url-pattern>/jsp/secure.jsp</url-pattern>
| <http-method>POST</http-method>
| <http-method>GET</http-method>
| </web-resource-collection>
| <auth-constraint>
| <description>Only let the authenticated users login</description>
| <role-name>admin</role-name>
| <role-name>webAdmin</role-name>
| </auth-constraint>
| <user-data-constraint>
| <description>Determines the transport layer security</description>
| <transport-guarantee>NONE</transport-guarantee>
| </user-data-constraint>
| </security-constraint>
| <login-config>
| <auth-method>BASIC</auth-method>
| <realm-name>JaasRealm</realm-name>
| </login-config>
| <security-role>
| <description>The Only Secure Role</description>
| <role-name>admin</role-name>
| </security-role>
| <security-role>
| <description>Another Secure Role</description>
| <role-name>webAdmin</role-name>
| </security-role> tags in your web.xml and
<security-domain>java:/jaas/MyJaas</security-domain>
jboss-web.xml. You are set.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4118900#4118900
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4118900
More information about the jboss-user
mailing list