Re: TomEE Configure JAAS

Tue, 09 Apr 2013 12:50:10 -0700 

Badically jaadrealm is only used to use jaas when calling httprequest.login.
Le 9 avr. 2013 21:37, "ZhongGuan" <[email protected]> a écrit :

> hi, I have written a simple sample (a servlet), and wrote the new
> LoginContext stuff. and it worked.
>
> String userName = request.getParameter("userName");
> String password = request.getParameter("password");
> LoginContext lc = new LoginContext("PropertiesLoginModule", new
> UsernamePasswordCallbackHandler(userName, password));
> lc.login();
> Subject subject = lc.getSubject();
>
> I still have a question.
> When I write code like this, I do not need to add the JAASRealm in
> server.xml
> I just need a login.config, users.properties, groups.properties
> and a java.security.auth.login.config setting in system.properties.
>
> I read some documents, it seems that tomcat will call the method
> authenticate in JAASRealm Class,
> and in this method, it uses the new LoginContext() and JAASCallbackHandler.
> so that, i think if
> I add the JAASRealm in server.xml, maybe I do not need to write code above.
>
> after that, I try to add the  <security-constraint> in web.xml, and when I
> access the url,
> it will open a dialog to input user and password, I try to input the user
> and password that in the users.properties, but it does not work.
>
> so I want to ask, how to use the JAASRealm?
>
> here is some of my settings
> groups.properties
>     admin=test
> users.properties
>     test=test
> web.xml
>         <security-constraint>
>                 <web-resource-collection>
>                         <web-resource-name>Protected
> Area</web-resource-name>
>                         <url-pattern>/admin/*</url-pattern>
>                 </web-resource-collection>
>                 <auth-constraint>
>                         <role-name>admin</role-name>
>                 </auth-constraint>
>         </security-constraint>
>         <login-config>
>                 <auth-method>BASIC</auth-method>
>                 <realm-name>JAASRealm</realm-name>
>         </login-config>
>
> My input of the popup dialog is "test" and "test", but I can not login.
>
> Thanks.
>
>
>
>
> --
> View this message in context:
> http://openejb.979440.n4.nabble.com/TomEE-Configure-JAAS-tp4662130p4662140.html
> Sent from the OpenEJB User mailing list archive at Nabble.com.
>

Reply via email to