[jboss-user] [Installation, Configuration & Deployment] - Re: JBoss fallback mechanism for authentication methods

Wolfgang Knauf do-not-reply at jboss.com
Thu Oct 1 11:19:18 EDT 2009

OK, having some more time ;-).

I think I misunderstood your question: you are still at the web level of security configuration, but I was much deeper in the security config ;-).

I think for the web layer, this is not possible. The only way I can imagine is that you call the authentication yourself using this: http://www.jboss.org/community/wiki/WebAuthentication
If the certificate login attempt fails, you might perform a user/password login.

Or you could try to find out how to extend JBoss to use multiple auth methods.

For the JBoss specific config of the multiple login modules, here is a helpful link: http://www.redhat.com/docs/en-US/JBoss_Enterprise_Application_Platform/4.2.0.cp07/html/Server_Configuration_Guide/Security_on_JBoss-Defining_Security_Domains.html
See the sample for an application-policy named "todo". 

Hope this helps


View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4258201#4258201

Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4258201

More information about the jboss-user mailing list