[jboss-user] [Security & JAAS/JBoss] - HowTo Link LDAP-Group with Roles?

Thu, 07 Dec 2006 09:51:25 -0800 

Hi,

I spend nearly the whole day, reading tutorials, forums and books... I finally 
got my authentication working but am stuck with the authorization.

I can login, but am getting - reasonably - a 403 error.

I'm originally coming from WebSphere where the EAR links the LDAP-Groups with 
the JAAS roles with a ibm-application-bnd.xmi.
But how can I make it on Jboss???

I set up login-config.xml, application.xml (ear), jboss-web.xml and web.xml to 
make the authentication happen. Any other file to edit/add?

Thanks in advantage for you help!
Zwitsch

application.xml

  |     <display-name>
  |     KaskoEAR</display-name>
  |     <module>
  |             <web>
  |                     <web-uri>Kasko.war</web-uri>
  |                     <context-root>kasko</context-root>
  |             </web>
  |     </module>
  |     <security-role id="user">
  |             <description>User</description>
  |             <role-name>user</role-name>
  |     </security-role>
  |     <security-role id="poweruser">
  |             <description>Poweruser</description>
  |             <role-name>poweruser</role-name>
  |     </security-role>
  |     <security-role id="admin">
  |             <description>Admin User</description>
  |             <role-name>admin</role-name>
  |     </security-role>
  | </application>

web.xml (extract)

!-- Security Config -->
  |     
  |     <login-config>
  |             <auth-method>BASIC</auth-method>
  |             <realm-name>Kasko Login</realm-name>
  |     </login-config>
  |     
  |     <!-- Security Contraints -->
  |     
  |     <security-constraint>
  |             <web-resource-collection>
  |                     <web-resource-name>Admin</web-resource-name>
  |                     <url-pattern>/Start</url-pattern>
  |                     <http-method>GET</http-method>
  |                     <http-method>POST</http-method>
  |             </web-resource-collection>
  |             <auth-constraint>
  |                     <role-name>admin</role-name>
  |             </auth-constraint>
  |     </security-constraint>
  |     
  |     <!-- Security Roles -->
  |     
  |     <security-role>
  |             <description>Administrator</description>
  |             <role-name>admin</role-name>
  |     </security-role>

jboss-web.xml

<jboss-web>
  |     
  |     <context-root>/kasko</context-root>
  | 
  |     <security-domain>java:/jaas/testdomain</security-domain>
  | 
  | </jboss-web>

View the original post : 
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3992020#3992020

Reply to the post : 
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3992020
_______________________________________________
jboss-user mailing list
[email protected]
https://lists.jboss.org/mailman/listinfo/jboss-user

Reply via email to