Problem fixed. In FLEX_HOME/resources/security/TomcatLogin you will find two jars to add capabilities to JBoss' embedded Tomcat server:
- Put flex-tomcat-common.jar in JBOSS_HOME/server/default/lib - Put flex-tomcat-server.jar in JBOSS_HOME/server/default/deploy/jbossweb-tomcat50.sar - Add a valve in JBOSS_HOME/server/default/deploy/jbossweb-tomcat50.sar/server.xml: | <Valve className="flashgateway.security.TomcatValve"/> | Now configure Flex so that we can use RemoteObject in association with J2EE roles while still using our own custom auth window. Add the following to flexapps/WEB-INF/flex/flex-config.xml: | <object name="EmployeeAccess"> | <source>examples.EmployeeAccess</source> | <use-custom-authentication>true</use-custom-authentication> | <roles> | <role>sampleusers</role> | </roles> | </object> | <object name="ManagerAccess"> | <source>examples.ManagerAccess</source> | <use-custom-authentication>true</use-custom-authentication> | <roles> | <role>samplemanagers</role> | </roles> | </object> | Now configure JAAS security: - Add jboss-web.xml in flexapps/WEB-INF with a JAAS security-domain: | <jboss-web> | <security-domain>java:/jaas/flexapps</security-domain> | </jboss-web> | - Add security roles to flexapps/WEB-INF/web.xml: | <login-config> | <auth-method>BASIC</auth-method> | </login-config> | <security-role> | <role-name>sampleusers</role-name> | </security-role> | <security-role> | <role-name>samplemanagers</role-name> | </security-role> | - Define java:/jaas/flexapps in JBOSS_HOME/server/default/conf/login-config.xml: | <application-policy name="flexapps"> | <authentication> | <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" | flag="required"> | <module-option name="usersProperties">flexapps-users.properties</module-option> | <module-option name="rolesProperties">flexapps-roles.properties</module-option> | </login-module> | </authentication> | </application-policy> | - Add flexapps-users.properties and flexapps-roles.properties files to flexapps/WEB-INF/classes with "sampleuser" and "samplemanager" users plus "sampleusers" and "samplemanagers" roles. That's it, custom authentication works really nice, you can use your own Flex logon popup and use JAAS behind the scenes. Also you could use base64+MD5 hashing on your passwords or use a LDAP or database instead of plain text files. I will post a quick HOWTO on my blog very soon on how to use MySQL and encrypted passwords to do custom auth. Cheers, Fanch http://www.mfworx.com View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3873183#3873183 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3873183 ------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click _______________________________________________ JBoss-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/jboss-user
