Hello.
somehow I did not find examples of this in the forums or documentation.
I've set up a box where the users are required to authenticate using LDAP.
Practically, in in jboss/server/default/login-config.xml there is a policy like
<application-policy name = "LDAP">
<login-module code="org.jboss.security.auth.spi.LdapLoginModule"
flag="required">
...
and in the application's jboss-web.xml
<security-domain>java:/jaas/LDAP</security-domain>
and in the application's web.xml
<security-constraint>
<web-resource-collection>
<web-resource-name>SECURITY_DOMAIN</web-resource-name>
<url-pattern>/foo</url-pattern>
<url-pattern>/bar</url-pattern>
</web-resource-collection>
<auth-constraint><role-name>*</role-name> </auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>TEST</realm-name>
</login-config>
It works: the users that can authenticate themselves with LDAP have an access
to the application. However, of these I'd like only _some_ to be able to access
the application and role names are not too usable in our organisation.
Is there a way to define a list of accepted user names in auth-constraint or
something of the same effect?
-man
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3977777#3977777
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3977777
_______________________________________________
jboss-user mailing list
[email protected]
https://lists.jboss.org/mailman/listinfo/jboss-user
