Version 3
Created by bdaw on Mar 19, 2007 7:01 AM. Last modified by massimiliano_cuccia on May 16, 2007 11:58 AM.

    Portal Authentication with Acegi

     

    (from http://www.jboss.com/index.html?module=bb&op=viewtopic&p=40287424028742)

     

    To use Acegi Security for authentication open the login-config.xml in JBOSS_HOME\server\default\deploy\jboss-portal.sar\config. Change the flag of org.jboss.portal.identity.auth.IdentityLoginModule to ?sufficient? and add new login-module configuration using the org.acegisecurity.adapters.jboss.JbossAcegiLoginModule Login Module.

     

    <application-policy name="portal">
      <authentication>
         <login-module code="org.jboss.portal.identity.auth.IdentityLoginModule" flag="sufficient">
            <module-option name="unauthenticatedIdentity">guest</module-option>
            <module-option name="userModuleJNDIName">java:/portal/UserModule</module-option>
            <module-option name="roleModuleJNDIName">java:/portal/RoleModule</module-option>
            <module-option name="additionalRole">Authenticated</module-option>
            <module-option name="password-stacking">useFirstPass</module-option>
         </login-module>
          
          <login-module code = "org.acegisecurity.adapters.jboss.JbossAcegiLoginModule"
             flag = "required">
             <module-option name = "appContextLocation">acegisecurity.xml</module-option>
             <module-option name = "key">my_password</module-option>
          </login-module>     
      </authentication>
   </application-policy>     

     

    The value in the "appContextLocation" is the name of the the acegi security configuration file e.g. in the example acegisecurity.xml. Copy the acegi security configuration file to the directory:

     

    JBOSS_HOME\server\default\deploy\jboss-portal.sar\portal-server.war\WEB-INF

     

    The acegi configuration file contains the spring context definition including all the authentication manager beans (For more information consult the Acegi Security documentation). For Portal Authentication it is sufficient to define the authentication manager.

     

    
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">

<beans>
     
     <bean id="authenticationManager"
          class="org.acegisecurity.providers.ProviderManager">
          <property name="providers">
               <list>
                    <ref bean="daoAuthenticationProvider" ></ref>
               </list>
          </property>
     </bean>


     <bean id="daoAuthenticationProvider"
          class="org.acegisecurity.providers.dao.DaoAuthenticationProvider">
          <property name="userDetailsService" ref="userDetailsService" ></property>
     </bean>

     <bean id="userDetailsService"
          class="org.acegisecurity.userdetails.memory.InMemoryDaoImpl">
          <property name="userMap">
               <value>
                    myadmin=myadmin,Admin,Authenticated,
                    myuser=mysuser,User,Authenticated
               </value>
          </property>
     </bean>

</beans>     

     

    Another approach is to use Spring singleton capabilities for more information see: http://sun.calstatela.edu/~cysun/documentation/acegi/acegi.htmlca-jboss

     

    5827 Views Categories: Tags: