Hi,

we would like to use our own login module to authenticate consumers and providers with our SOA-based infrastructure, and I have the impression that JBoss totally ignores the custom login modules and instead uses its own.

By the way, I'm using JBoss 4.0.4 RC1 with JDK 1.5.

I have set up the following sbb-login-config.xml:

<?xml version='1.0'?>
<!DOCTYPE policy PUBLIC
      "-//JBoss//DTD JBOSS Security Config 3.0//EN"
      "http://www.jboss.org/j2ee/dtd/security_config.dtd">

<!-- The XML based JAAS login configuration read by the
org.jboss.security.auth.login.XMLLoginConfig mbean. Add
an application-policy element for each security domain.

The outline of the application-policy is:
<application-policy name="security-domain-name">
  <authentication>
    <login-module code="login.module1.class.name" flag="control_flag">
      <module-option name = "option1-name">option1-value</module-option>
      <module-option name = "option2-name">option2-value</module-option>
      ...
    </login-module>

    <login-module code="login.module2.class.name" flag="control_flag">
      ...
    </login-module>
    ...
  </authentication>
</application-policy>

-->
<policy>
  <application-policy name="auth-id-password">
    <authentication>
      <login-module code="org.sopware.security.login.ldap.LDAPLoginModule"
                    flag="required">
        <module-option name="auth-type">auth-id-password</module-option>
        <module-option name="container-type">JBOSS</module-option>
        <module-option name="org.sopware.sbb.directory.master.url">ldap://localhost:389/ou=DataAuthenticationTSP,o=SOPware</module-option>
      </login-module>
    </authentication>
  </application-policy>

  <application-policy name="auth-principal">
    <authentication>
      <login-module code="org.sopware.security.login.ldap.LDAPLoginModule"
                    flag="required">
        <module-option name="auth-type">auth-principal</module-option>
        <module-option name="org.sopware.sbb.directory.master.url">ldap://localhost:389/ou=DataAuthenticationTSP,o=SOPware</module-option>
      </login-module>
    </authentication>
  </application-policy>

  <application-policy name="auth-token-checking">
    <authentication>
      <login-module code="org.sopware.security.login.ldap.LDAPLoginModule"
                    flag="required">
        <module-option name="auth-type">auth-token-password</module-option>
        <module-option name="container-type">JBOSS</module-option>
        <module-option name="reauthentication">true</module-option>
        <module-option name="org.sopware.sbb.directory.master.url">ldap://localhost:389/ou=DataAuthenticationTSP,o=SOPware</module-option>
      </login-module>
    </authentication>
  </application-policy>

</policy>

I'm using this service.xml to start up the config:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE server>
sbb-login-config.xml
<depends optional-attribute-name="LoginConfigService"> jboss.security:service=XMLLoginConfig
<depends optional-attribute-name="SecurityManagerService"> jboss.security:service=JaasSecurityManager

The Jar file for the login module is in the server/lib. Is this the best way to put it? Or do I need to put it in a jar file? It seems that on startup the jar file can be accessed and is loaded.

The security domain is set in the relevant DDs. According to the log, it seems to be able to read my login-config file and reads out the security domains. But somehow it's not able to use it, and I don't get any error message because of it.

By the way, I'm using it on the server side and not on the client side, not as a client login module, but this is also something we are considering.

Any hints and tips?

Thx and rgds,
Iris
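A check that follows from the setup described above, as an added example that is not part of the original post: it reads the application-policy entries from a login configuration and tells you whether a deployment descriptor's security-domain value names one of them. The configuration is a constructed, shortened copy of the post's file, the descriptor values are constructed, and the `java:/jaas/` prefix is the JNDI form JBoss descriptors normally use for security domains.

```python
import xml.etree.ElementTree as ET

# Constructed sample: two of the post's application-policy entries, shortened.
LOGIN_CONFIG = """<policy>
  <application-policy name="auth-id-password">
    <authentication>
      <login-module code="org.sopware.security.login.ldap.LDAPLoginModule" flag="required">
        <module-option name="auth-type">auth-id-password</module-option>
        <module-option name="container-type">JBOSS</module-option>
      </login-module>
    </authentication>
  </application-policy>
  <application-policy name="auth-principal">
    <authentication>
      <login-module code="org.sopware.security.login.ldap.LDAPLoginModule" flag="required">
        <module-option name="auth-type">auth-principal</module-option>
      </login-module>
    </authentication>
  </application-policy>
</policy>"""

JAAS_PREFIX = "java:/jaas/"  # JNDI prefix JBoss descriptors use for security domains


def load_policies(xml_text):
    """Map each security domain name to its ordered list of login modules."""
    policies = {}
    for policy in ET.fromstring(xml_text).iter("application-policy"):
        modules = []
        for lm in policy.iterfind("authentication/login-module"):
            options = {o.get("name"): (o.text or "").strip()
                       for o in lm.iterfind("module-option")}
            modules.append((lm.get("code"), lm.get("flag"), options))
        policies[policy.get("name")] = modules
    return policies


def resolve_domain(descriptor_value, policies):
    """Return the modules a descriptor's <security-domain> value selects, or None."""
    value = descriptor_value.strip()
    name = value[len(JAAS_PREFIX):] if value.startswith(JAAS_PREFIX) else value
    return policies.get(name)


if __name__ == "__main__":
    policies = load_policies(LOGIN_CONFIG)
    # Constructed descriptor values; the second has a typo and matches no policy.
    for dd in ("java:/jaas/auth-id-password", "java:/jaas/auth-id-pasword"):
        print(dd, "->", resolve_domain(dd, policies) or "NO MATCHING application-policy")
```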
