Hi,
I had the same problem some time ago. Setting a default user in Tomcat
was also difficult for me because I didn't understand the using of
org.jboss.tomcat.security.JbossRealm (I didn't even realized, that this
class is important). Now I have implemented my own Tomcat Interceptor
with a preService method. If the user didn't login, this method binds
the principal and credential in the same way as Scott has written. I
think the authenticate method could not be used because we have no
explicit login, so preService seems to be a good place.
In JBoss you need your own implementation of a JAAS login module which
knows the special principal 'guest' and the special credential
'guestpassword'. A user with this principal gets a 'guest' role and this
role can be used in the deployment descriptor.
Tobias
Raffael Herzog wrote:
>
> Raffael Herzog <[EMAIL PROTECTED]> wrote:
>
> > Is it possible to grant guest access to any user without any
> > authentication when using JAAS security (a default user)? If yes,
> > how? If no, what's the best method to grant anyone access to the
> > beans from within the embedded Tomcat? Create a login context in the
> > dispatching servlet(s)?
>
> OK, I'll try it again: How can I set a user within Tomcat? Now I get
> the following exception, if I try to access any of the beans from
> within Tomcat:
>
> Authentication exception, principal=null
>
> The user didn't login, of course. Why should he -- everyone has
> read-only access, so a login page is inacceptable. I didn't see a way
> to specify a default user in Tomcat (something like tomcat,
> pwd=tomcat) to set it to the guest role in JBoss. I also didn't see a
> way to specify guest access to anyone in the deployment descriptor of
> the beans. I think it's a bad idea to create a login context within
> JBoss. So what else can I do?
>
> Is it possible that the simpliest kind of security (besides no
> security at all) is impossible to realize? All I try to do for four
> days is to grant read-only access to anyone and read/write access to
> administrators.
>
> And please, somebody answer! I *never* got an answer in this
> group. And before you tell me RTFM: I read the FM more than once, if
> it's somewhere there, please tell me where it is.
>
> Sorry about this post, but I'm getting really annoyed about trying to
> do something that simple for 4 days, 10 hours a day, without any
> documentation, without any help from the mailing list, with incomplete
> sources where I could look up some infos and with hours of browsing
> the CVS repository trying to find a source file which is not included
> in the distribution. I already destroyed several keyboards! ;-)
>
> --
> (o_ Raffael Herzog
> //\ [EMAIL PROTECTED]
> V_/_
> May the penguin be with you!
>
> _______________________________________________
> JBoss-user mailing list
> [EMAIL PROTECTED]
> http://lists.sourceforge.net/lists/listinfo/jboss-user
_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/jboss-user
