Hi!
I'm new to JBoss but not to J2EE, and I'm trying to port an application that
works fine in Sun AS 8.
The application is packaged as an EAR with one ejb module and one web module.
It uses three roles, Users, Authors and Admins.
When the client attempts to access a security constrained jsp, firefox shows a
login dialog as expected, but the user id and password is not accepted.
The first strange thing is that nothing is logged when an access fails, which
makes it difficult for me to find the problem, so my first question is: How do
I get the server to log access attempts?
The EAR does not request any specific realm so I assume that the policy "other"
is used. It probably is because I got error messages logged before I created
"users.properties" and "roles.properties", and I don't get these errors
anymore.
I have mapped the roles in jboss-app.xml to principal names defined in
"roles.properties". I also tried doing the same mapping in "jboss-web.xml" in
the war file, although that shouldn't be necessary. I have even tried to map an
application role to a specific user, defined in "users.properties".
Below are the relevant sections from various deployment descriptors. Hope
someone can tell me what I'm doing wrong, or at least show me how to get JBoss
to log the accesses and reasons for failing.
TIA,
Gunnar Grim
--------------------------------------------------------------------------------
app.ear/app.war/WEB-INF/web.xml:
<web-app>
:
<security-constraint>
<display-name>Users</display-name>
<web-resource-collection>
<web-resource-name>Secure</web-resource-name>
<url-pattern>/secure/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>Users</role-name>
</auth-constraint>
</security-constraint>
:
</web-app>
--------------------------------------------------------------------------------
app.ear/META-INF/jboss-app.xml:
<jboss-app>
<security-role>
<role-name>Users</role-name>
<principal-name>users</principal-name>
</security-role>
<security-role>
<role-name>Authors</role-name>
<principal-name>authors</principal-name>
</security-role>
<security-role>
<role-name>Admins</role-name>
<principal-name>admins</principal-name>
</security-role>
</jboss-app>
--------------------------------------------------------------------------------
~/jboss-4.0.3SP1/server/default/conf/login-config.xml:
:
<application-policy name = "other">
<login-module code = "org.jboss.security.auth.spi.UsersRolesLoginModule"
flag = "required" />
<module-option
name="usersProperties">props/users.properties</module-option>
<module-option
name="rolesProperties">props/roles.properties</module-option>
</application-policy>
:
--------------------------------------------------------------------------------
~/jboss-4.0.3SP1/server/default/conf/props/users.properties:
gugrim=password
--------------------------------------------------------------------------------
~/jboss-4.0.3SP1/server/default/conf/props/roles.properties:
gugrim=users,authors,admins
--------------------------------------------------------------------------------
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3924848#3924848
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3924848
-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems? Stop! Download the new AJAX search engine that makes
searching your log files as easy as surfing the web. DOWNLOAD SPLUNK!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=103432&bid=230486&dat=121642
_______________________________________________
JBoss-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/jboss-user
