, LLC
- Original Message -
From: Tom Mahaffey [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Friday, June 14, 2002 2:58 PM
Subject: Re: [JBoss-user] Delegating Jetty Authentication to JBoss
I'm still having no success.
Can someone tell me if I need a jboss
I'm interested in delegating Jetty authentication
and authorization to JBoss 3.0.0.
I have the docs for JBoss 2.4.x, and the section
on authentication shows pseudocode on how to do this.
However, in JBoss3, I see the class JBossUserRealm.
Unless I'm totally missing something, I have not seen
Tom,
JBossUserRealm is the bridge between Jetty and JBossSX. If you are
running JBoss/Jetty, you are already using it.
To control the backend security stuff, it's now a matter of configuring
JBossSX, not Jetty.
There should be something in the free doc - it's not my bag !
Jules
Tom
Thanks Jules...that at least narrows me down.
Here's what I've done so far:
In JBoss:
1) Added an application-policy element
to login-conf.xml to use UsersRolesLoginModule
2) Added a users.properties and roles.properties
in server/myservername/conf
In my webapp:
1) Altered
I'm still having no success.
Can someone tell me if I need a jboss-web.xml
in my WAR/EAR? I see jboss-web.xml in the
JBoss2.4x docs and the free docs, but see no mention
in the JBoss-3.0.0 QuickStart guide.
I just don't understand where the delegation of
authentication from Jetty to JBoss is
There seem to be two parts:
- authentification, which you seem to already have configured
(client/auth.conf for the client,
server/default/conf/login-config.xml for the server). But do you
actually call loginContext.login() from your client?
- authorisation, which (in our
After a lot of wrestling, I finally found my problem.
Of course, once I found the problem, this
configuration
thing fell into place with the ease I have come
to enjoy with JBoss.
My blasted users.properties file for
UsersRolesLoginModule had usernames with dots in them.
Seemed totally