Does it make any difference if i set the domain in the auth.conf by:
| http {
| org.jboss.security.ClientLoginModule required multi-threaded=true;
| };
|
or in the login config by:
| <application-policy name="http">
| <authentication>
| <login-module code = "org.jboss.security.ClientLoginModule"
| flag = "required" multi-threaded="true">
| </login-module>
| </authentication>
| </application-policy>
|
I guess i have to comment out the security contraint in my web.xml?
| <security-constraint>
| <web-resource-collection>
| <web-resource-name>Secure Content</web-resource-name>
| <url-pattern>/app/*</url-pattern>
| </web-resource-collection>
| <auth-constraint>
| <role-name>D</role-name>
| <role-name>Z</role-name>
| <role-name>B</role-name>
| </auth-constraint>
| <user-data-constraint>
| <transport-guarantee>NONE</transport-guarantee>
| </user-data-constraint>
| </security-constraint>
| <login-config>
| <auth-method>BASIC</auth-method>
| <realm-name>secure</realm-name>
| </login-config>
| <security-role>
| <description>D.</description>
| <role-name>D</role-name>
| </security-role>
| <security-role>
| <description>Z.</description>
| <role-name>Z</role-name>
| </security-role>
| <security-role>
| <description>B.</description>
| <role-name>B</role-name>
| </security-role>
|
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3908396#3908396
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3908396
-------------------------------------------------------
This SF.Net email is sponsored by the JBoss Inc. Get Certified Today
Register for a JBoss Training Course. Free Certification Exam
for All Training Attendees Through End of 2005. For more info visit:
http://ads.osdn.com/?ad_id=7628&alloc_id=16845&op=click
_______________________________________________
JBoss-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/jboss-user
