Download presentation
Presentation is loading. Please wait.
Published byAmbrose Hicks Modified over 9 years ago
1
Enterprise Java v040918JBoss Security Setup1 Setting up Security in JBoss References: “Getting Started with JBoss, J2EE applications on the JBoss 3.2.x Server”, Luke Taylor and The JBoss Group. http://www.jboss.org/modules/html/docs/jbossj2ee.pdf
2
Enterprise Java v040918JBoss Security Setup2 Security Domains (a.k.a Realms) Implement security policy within the application server Based on JAAS –See JBoss JAAS How To http://prdownloads.sourceforge.net/jboss/jaashowto- 32x.zip?download Referenced by DataSources, Web Applications, EJBs, etc. Centralizes the management/implementation of security within the application server Security domain name mapped to login modules within $JBOSS_SERVER/conf/login-config.xml
3
Enterprise Java v040918JBoss Security Setup3 Example Reference in DataSource //based on $JBOSS_SERVER/deploy/hsqldb_ds.xml DefaultDS jdbc:hsqldb:${jboss.server.data.dir}${/}hypersonic${/}localDB org.hsqldb.jdbcDriver HsqlDbRealm
4
Enterprise Java v040918JBoss Security Setup4 Example Reference in Web Application //based on $JBOSS_SERVER/deploy/jmx-console/WEB-INF/jboss-web.xml java:/jaas/jmx-console
5
Enterprise Java v040918JBoss Security Setup5 Example Reference in EJB // $EJB/META-INF/jboss.xml java:/some-domain
6
Enterprise Java v040918JBoss Security Setup6 $JBOSS_SERVER/conf/login-config.xml <login-module code = "LoginModule Implementation Class" flag = “satisfaction requirement"> value … … used as security-domain name a Java implementation class states level of requirement for passing of policy to grant access module-specific options
7
Enterprise Java v040918JBoss Security Setup7 $JBOSS_SERVER/conf/login-config.xml application-policy –name defines security-domain –missing application-policies are mapped to “other” application- policy at bottom of login-config.xml file –authentication contains one or more login modules login module –specifies a JAAS implementation to authenticate user –flags »required: module must succeed for user to be authenticated
8
Enterprise Java v040918JBoss Security Setup8 Login Modules ConfiguredIdentityModule –sets the user identity to a constant value UsersRolesLoginModule –uses two property files to authenticate user and assign roles
9
Enterprise Java v040918JBoss Security Setup9 ConfiguredIdentityModule class: org.jboss.security.auth.spi. ConfiguredIdentityModule sets the user identity to a constant value –useful when accessing external resource with single account while application server manages individual accounts –principal sa –username sa –password
10
Enterprise Java v040918JBoss Security Setup10 UsersRolesLoginModule class: org.jboss.security.auth.spi.UsersRolesLoginModule uses two property files to authenticate user and assign roles –users.properties – contains user logins and plain text passwords user1=password1 user2=password2 –roles.properties – contains mapping of user login to roles user1=role1,role2 user2=role1 Files located in classpath –can be within EAR for applications Names can be customized with module-options – jmx-console-users.properties – jmx-console-roles.properties
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.