User development, A new message was posted in the thread "Client Cert Authentication in 5.1.0":
http://community.jboss.org/message/530855#530855 Author : dfisher Profile : http://community.jboss.org/people/dfisher Message: -------------------------------------------------------------- I'm upgrading from version 4.2.3 to 5.1.0 and I'm having trouble getting SSL client authentication and JAAS to work correctly. My session beans are annotated as: @statel...@securitydomain("ClientCertDomain")@WebContext( transportGuarantee = "CONFIDENTIAL", authMethod = "CLIENT-CERT") My login-config.xml contains the following entry: <application-policy name="ClientCertDomain"> <authentication> <login-module code="org.jboss.security.auth.spi.DatabaseCertLoginModule" flag="sufficient"> <module-option name="securityDomain">ClientCertDomain</module-option> ..... </login-module> </authentication> </application-policy> Invocations of the web service fail with: faultString: (401)Unauthorized The logs indicate that the security domain specified in the stateless session bean is "". Application Policy not obtained for domain=. Trying to obtain the App policy for the default domain of the layer:WEB This is apparently related to this bug: https://jira.jboss.org/jira/browse/JBAS-7037However, I cannot get the workaround to work. Is the best course of action to attempt to update the jars in the JBoss 5.1.0 distribution? Or is there another/better way to configure client cert based authorization? (We can't use WS-Security yet, our clients don't support it.) -------------------------------------------------------------- To reply to this message visit the message page: http://community.jboss.org/message/530855#530855
_______________________________________________ jboss-user mailing list [email protected] https://lists.jboss.org/mailman/listinfo/jboss-user
