Version 2
Created by anil.saldhana on May 1, 2006 6:31 PM. Last modified by anil.saldhana on May 1, 2006 6:31 PM.

    Jacc Delegation For Unsecured Web Resources

     

    Based on JBAS-2519, starting jboss-4.0.4.GA, it is possible to delegate to a JACC provider for resources that are not secured via the web.xml security constraints.

     

    Configuration

    There is an attribute on the JACCAuthorizationRealm that needs to be enabled. It is called as unprotectedResourceDelegation.

    • When this flag is enabled, the JACCAuthorizationRealm will look for an implementation of "findSecurityConstraints"

    from either the JACC policy provider or a special provider class that is plugged in via the

    securityConstraintProviderClass attribute.

     

    <Realm className="org.jboss.web.tomcat.security.JaccAuthorizationRealm" unprotectedResourceDelegation="true" securityConstraintProviderClass="org.jboss.test.security.test.CustomSecurityConstraintProvider" 
certificatePrincipal="org.jboss.security.auth.certs.SubjectDNMapping"></Realm>

     

    Examples

    CustomSecurityConstraintProvider

     

    2695 Views Categories: Tags: