Yes you are correct. New security realm is not the issue. Its inability of the
Servlet Environment to properly populate the security information needed by
JBoss Portal.
In fact why dont you try swicthing the portal security realm to your
custom/shared security realm and its LoginModules. You will still need to use
the deep JAAS/container managed approach, but you will be using the security
realm which is shared by all your applications.
You should be able to do this by:
1/ Modify <application-policy name="portal"> inside
jboss-portal.sar/conf/login-config.xml to
<application-policy name="{your security realm here}">
2/ Inside jboss-portal.sar/portal-server.war/WEB-INF/jboss-web.xml make
<security-domain>java:jaas/portal</security-domain> to
<security-domain>java:jaas/{your security realm here}</security-domain>
Note: even with this approach you will still need to use the container
based/j_security approach for Portal to be properly populated with the security
information.
btw- I have never tried swapping the realm this way for Portal. This is in
theory, so let us know if this actually works ;)
Thanks
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4071657#4071657
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4071657
_______________________________________________
jboss-user mailing list
[email protected]
https://lists.jboss.org/mailman/listinfo/jboss-user
