[jboss-user] [Beginners Corner] - Re: JB Security + JB Identity

PeterJ do-not-reply at jboss.com
Fri Jun 5 12:24:25 EDT 2009


OK, what you need then is a way to hook up the access control info in your web.xml with some authentication mechanism. For that, you need a login module. You can read up about it in the docs, the security chater, probably starting with this [url][http://www.jboss.org/file-access/default/members/jbossas/freezone/docs/Server_Configuration_Guide/4/html/Security_on_JBoss-Defining_Security_Domains.html/url]

Essentailly, you need to do two things. First, you need to setup an application-policy entry in server/xx/conf/login-config.xml. This entry describes how authentication will take place. That file has several examples. Then you need to create a WEB-INF/jboss-web.xml file in your web app and identify the security domain that you set up in login-config.xml.

Here is a post that appears to have all of the pieces, using a database to store the authentication data:
http://www.jboss.org/index.html?module=bb&op=viewtopic&t=154350



View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4235706#4235706

Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4235706



More information about the jboss-user mailing list