Hello...
I'm developing a servlet, which calls some custom classes. One of these classes does a
kerberos login using the krb5login module. To get the servlet and the classes working,
I have to define the exact class in the application policy of the default security
domain "other" in the login-config.xml:
<application-policy name = "other">
<login-module code = "com.sun.security.auth.module.Krb5LoginModule" flag =
"required" />
</application-policy>
...
Then I tried to use a custom security domain which I defined in the jboss-web.xml:
<jboss-web>
<security-domain>TestSecDomain</security-domain>
<context-root>/</context-root>
<virtual-host>localhost</virtual-host>
</jboss-web>
I also defined a custom application policy in the login-config.xml:
<application-policy name = "TestSecDomain">
<login-module code = "com.sun.security.auth.module.Krb5LoginModule" flag =
"required" />
</application-policy>
....
<application-policy name = "other">
<login-module code = "org.jboss.security.auth.spi.UsersRolesLoginModule"
flag = "required" />
</application-policy>
....
With this configuration the servlet and the classes are not working. They use always
the default "other" application policy.
Do you have any ideas what I have done wrong?
I'm using JBoss 3.2.2 with bundled Tomcat 4.1.2.
Thanks in advance...
richard
View the original post :
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3841381#3841381
Reply to the post :
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3841381
-------------------------------------------------------
This SF.Net email sponsored by Black Hat Briefings & Training.
Attend Black Hat Briefings & Training, Las Vegas July 24-29 -
digital self defense, top technical experts, no vendor pitches,
unmatched networking opportunities. Visit www.blackhat.com
_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user
