So, did the SimpleServerLogin get reploced?
If so is it in 2.0 or 2.1?
Also, how would this change using JAAS.
I'm assuming that
1) There is no need to edit the jboss.conf
2) There is no need to write to custom Module and therefore no need to
edit auth.conf
3) If I need to edit the auth.conf what is the new name of the class?
4) Where do I place the user.properties & roles.properties?
I am assuming that the client code would remain the same. The internal
class etc.
Wouldn't it be good to include this type of internall class to the
jboss-client.jar?
Is there any reason not to use
System.setProperty rather than java -D to set
java.security.auth.login.config
thanks.
d.
Hi Oleg
reponses below :-)
Edward
-----Original Message-----
From: Oleg Nitz [mailto:[EMAIL PROTECTED]]
Sent: 11 December 2000 16:01
To: jBoss
Subject: Re: [jBoss-User] Security Walkthrough/How To/Tutorial,
first
cut
>Edward,
>'m grateful to you for your documentation.
> don't agree with some statements, see below.
On Monday 11 December 2000 15:54, Kenworthy, Edward wrote:
>> By default, out-of-the zip file, jBoss is setup to use
not-JAAS
security,
>Why? JaasSecurityManagerService appears in the default
jboss.conf,
>auth.conf is set in jboss.properties.
>What else do you need to say that JAAS security is set up?
Yes you're right ! I re-read it right after I posted it and
realised I was
talking bollocks !
>> which consists of five classes:
>>
>>
>> ClientLoginModule } both sub-classes of LoginModule.
>> ServerLoginModule }
> These to are used by JAAS security stuff only.
Ah didnt realise that!
>Do you permit me to replace the current SimpleServerLoginModule
with your
>implementation?
Sure, I'd be honoured.
>Regards,
>Oleg
--
Doug Ferguson
Software Developer
www.coremetrics.com
512-342-2623x212
512-619-9972(cell)
--
--------------------------------------------------------------
To subscribe: [EMAIL PROTECTED]
To unsubscribe: [EMAIL PROTECTED]
List Help?: [EMAIL PROTECTED]
