-
1. JBOSS BASIC Authentication
jagb_10 Feb 1, 2011 2:06 AM (in response to garjunan)Hi,
Can you know identify what the default application, it invokes when jboss starts
-
2. JBOSS BASIC Authentication
nickarls Feb 1, 2011 2:10 AM (in response to garjunan)show your web.xml for your apps.
-
3. JBOSS BASIC Authentication
garjunan Feb 2, 2011 12:24 AM (in response to nickarls)Thanks for your reply. Below is my web.xml.
<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE web-app
PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
"http://java.sun.com/dtd/web-app_2_3.dtd">
<web-app>
<display-name>Test</display-name>
<description>
My Test
</description>
<servlet>
<servlet-name>Status Servlet</servlet-name>
<servlet-class>org.jboss.web.tomcat.service.StatusServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>Status Servlet</servlet-name>
<url-pattern>/status</url-pattern>
</servlet-mapping>
<security-constraint>
<web-resource-collection>
<web-resource-name>All resources</web-resource-name>
<description>Protects all resources</description>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>testSecurityRole</role-name>
</auth-constraint>
</security-constraint>
<security-role>
<role-name>testSecurityRole</role-name>
</security-role>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>Testing</realm-name>
</login-config>
</web-app>
-
4. JBOSS BASIC Authentication
garjunan Feb 2, 2011 12:35 AM (in response to jagb_10)Hi Jagadeshwar,
I am using default jboss application during startup. I mean /opt/jboss-4.2.3/server/default/deploy is my war file directory. I have multiple war files under /opt/jboss-4.2.3/server/default/deploy dir.
Let me know if you want more detail on this.
-
5. JBOSS BASIC Authentication
nickarls Feb 2, 2011 1:40 AM (in response to garjunan)How do you map users to roles?
-
6. JBOSS BASIC Authentication
garjunan Feb 2, 2011 9:54 AM (in response to nickarls)Hi,
As I mentioned in my first thread I am getting the pop up for user authentication. But not with context root.
Some configuration files are below.
In login-config.xml
<application-policy name="myapp">
<authentication>
<login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="required">
<module-option name="usersProperties">props/myapp-users.properties</module-option>
<module-option name="rolesProperties">props/myapp-roles.properties</module-option>
</login-module>
</authentication>
</application-policy>
myapp-users.properties:
# users.properties file for use with the UsersRolesLoginModule
testUserName=testUserPassword
myapp-roles.properties:
# roles.properties file for use with the UsersRolesLoginModule
testUserName=testUserRole
-
7. JBOSS BASIC Authentication
garjunan Feb 2, 2011 9:58 AM (in response to garjunan)Hi,
To avoid more confusion.
Here is my actual myapp-roles.properties. Above I copied & pasted from the site where i refered.
# roles.properties file for use with the UsersRolesLoginModule
testUserName=testSecurityRole
I refered this URL: http://www.xinotes.org/notes/note/880/
I changed the naming convention based on my needs. I followed the steps from the above URL.
-
8. Re: JBOSS BASIC Authentication
jagb_10 Feb 2, 2011 8:50 PM (in response to garjunan)Hi,
if you use http://192.168.1.10:8080/ it should invoke the ROOT.war application,
May I know which application page it is dispalying(Root.war home page or one of your applications' page) after login authentication
Regards
Jagadeshwar
-
9. JBOSS BASIC Authentication
garjunan Feb 3, 2011 1:28 AM (in response to jagb_10)Hi,
I am getting jboss default home page when i access http://192.168.1.10:8080/ URL. All my application can be accessed through full URL only (like., http://192.168.1.10:8080/testsite/ )
Thanks
Gokul
-
10. JBOSS BASIC Authentication
jaikiran Feb 3, 2011 1:36 AM (in response to garjunan)1 of 1 people found this helpfulDid you really change the web.xml in your testsite.war? Or did you change the one in ROOT.war?
-
11. JBOSS BASIC Authentication
garjunan Feb 4, 2011 2:26 AM (in response to jaikiran)Jaikiran, Thanks for the clue.
Great..I got it now. When i refer other sites for reference they didn't mention the exact path of web.xml. So i configured it under ROOT.war.
Now I configured the web.xml under my application war file.
Path: testsite.war/WEB-INF/web.xml and we need to create jboss-web.xml under the same WEB-INF dir.
Thanks for pointing out at the right time.
ISSUE RESOLVED.
Now I tried to configure DIGEST authentication also and it worked fine.
Thanks all for your help.
-
12. Re: JBOSS BASIC Authentication
msarath Jul 13, 2011 7:47 AM (in response to garjunan)Hi,
I have followed the steps as mentioned here:
http://www.xinotes.org/notes/note/880/
Only changed myapp to pmart (which is my application name).
When I try to access my site https://10.203.234.134:8443/pmart/ I get 404 error in IE and blank page in other browsers.
Could anyone please let me know if there is any other changes/checks I need to do other than the steps mentions in the above url ?
I have checked online and found similar article: http://www.datadisk.co.uk/html_docs/java_app/jboss5/jboss5_securing_web_apps.htm
On this page, where it says... "The behavior of a role can be controlled in the realm definition in the JBoss Web Server server/xxx/deploy/jbossweb.sar/server.xml"
The Reaml values mentioned on this site doesn't match with the one I have in my server.xml file.
Below is what i have in my server.xml file...
<Realm className="org.jboss.web.tomcat.security.JBossSecurityMgrRealm"
certificatePrincipal="org.jboss.security.auth.certs.SubjectDNMapping"
allRolesMode="authOnly"
/>
This could be the problem why authentication is not working for my application?
Any clue is greatly appriciated. Thanks in advance.
Regards,
Sarath.
-
13. Re: JBOSS BASIC Authentication
wolfgangknauf Jul 14, 2011 3:28 AM (in response to msarath)Hi Sarath,
I don't think that you have to change "server.xml" - security always worked for me without this change ;-). But maybe this is required for very "special" configs. A basic security should work without.
Could you provide more details on your app? Post all relevant security config snippets, your JBoss version and the structure of your app.
Best regards
Wolfgang
-
14. Re: JBOSS BASIC Authentication
msarath Jul 14, 2011 3:59 AM (in response to wolfgangknauf)Thanks for your reply Wolfgang. I have followed many online articles whole yesterday but none of them worked
I have recently started working on JBoss.
Below are the details/content of files I have modified:
/home/edb/jboss-4.0.5.GA/server/default/deploy/perfmart.ear/perf-web.war/web.xml:
<security-constraint>
<web-resource-collection>
<web-resource-name>All resources</web-resource-name>
<description>Protects all resources</description>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>testUserRole</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>Test Realm</realm-name>
</login-config>
<security-role>
<role-name>testUserRole</role-name>
</security-role>
/home/edb/jboss-4.0.5.GA/server/default/deploy/perfmart.ear/perf-web.war/jboss-web.xml:
<?xml version='1.0' encoding='UTF-8' ?>
<!DOCTYPE jboss-web
PUBLIC "-//JBoss//DTD Web Application 2.3V2//EN"
"http://www.jboss.org/j2ee/dtd/jboss-web_3_2.dtd">
<jboss-web>
<security-domain>java:/jaas/pmart</security-domain>
</jboss-web>
/home/edb/jboss-4.0.5.GA/server/default/conf/login-config.xml:
<application-policy name="pmart">
<authentication>
<login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="required">
<module-option name="usersProperties">props/pmart-users.properties</module-option>
<module-option name="rolesProperties">props/pmart-roles.properties</module-option>
</login-module>
</authentication>
</application-policy>
/home/edb/jboss-4.0.5.GA/server/default/conf/props/pmart-roles.properties
# A sample roles.properties file for use with the UsersRolesLoginModule
testUserName=testUserRole
/home/edb/jboss-4.0.5.GA/server/default/conf/props/pmart-users.properties
# A sample users.properties file for use with the UsersRolesLoginModule
testUserName=testUserPassword