Thanks. It does help.
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]
Sent: Friday, August 29, 2003 5:00
AM
To:
[EMAIL PROTECTED]
Subject: Antwort: [JBoss-user]
User authorization/authentication with JBossMQ
Maybe this will help :-) NO user entries in
jbossmq-state.xml, but stored in a central database using JAAS
DatabaseServerLoginModule
in
../conf/login-config.xml
<!-- JBossMQ Security Domain -->
<application-policy name = "jbossmq">
<!-- Lookup user/roles in security database -->
<authentication>
<login-module code =
"org.jboss.security.auth.spi.DatabaseServerLoginModule" flag =
"required">
<module-option name =
"unauthenticatedIdentity">JMS-Guest</module-option>
<module-option name =
"dsJndiName">java:/SystemJaasDS</module-option>
<module-option name =
"principalsQuery">SELECT password FROM principals WHERE principal_id=?</module-option>
<module-option name =
"rolesQuery">SELECT role, 'Roles' FROM roles WHERE principal_id=?
AND rolecontext='JMS-System'</module-option>
</login-module>
</authentication>
</application-policy>
<!-- JmsXA Resource Adapter Security Domain -->
<application-policy name = "JmsXARealm">
<!-- Lookup user/roles in security database -->
<authentication>
<login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule"
flag = "required">
<module-option name =
"unauthenticatedIdentity">JMS-Guest</module-option>
<module-option name =
"dsJndiName">java:/SystemJaasDS</module-option>
<module-option name =
"principalsQuery">SELECT password FROM principals WHERE
principal_id=?</module-option>
<module-option name =
"rolesQuery">SELECT role, 'Roles' FROM roles WHERE principal_id=?
AND rolecontext='JMS-System'</module-option>
</login-module>
</authentication>
Ulf
Schroeter
IT Entwicklung - Design & Research
MobilCom Communikationstechnik GmbH
Hollerstr. 126
24782 Buedelsdorf
Tel.: 04331- 69 37 43
Fax: 04331- 69 28 99
Besucheradresse: Wollinstr. 10
|
[EMAIL PROTECTED]
Gesendet
von: [EMAIL PROTECTED]
29.08.2003 04:20
Bitte
antworten an jboss-user
|
An: [EMAIL PROTECTED]
Kopie:
Thema: [JBoss-user] User
authorization/authentication with JBossMQ
|
I was wondering why the user authorization/authentication
with JBossMQ was configured through this jbossmq-state.xml file (In JBoss
3.0.5) and not through a more standard JAAS security domain?
Another way to ask the question is: can I use
the
JBossSX login modules (like the LdapLoginModule) for the JBossMQ authentication/authorization
instead of having all the user and roles defined in the jbossmq-state.xml?
If yes, any pointers will be appreciated.
Thanks.
Thomas Cherel
|