jaas

Using HTTP Request.login with JBoss/JAAS

☆樱花仙子☆ 提交于 2019-12-07 18:26:55
问题 I have successfully setup a JBoss security domain, and can authenticate using BASIC authentication (as defined in web.xml). This all works well. I cannot however figure out how to use the http request.login method. The following security domain (from jboss-web.xml) works for BASIC authentication: <jboss-web> <context-root>/myapp</context-root> <security-domain>java:/jaas/myapp-realm</security-domain> </jboss-web> But when I use request.login as follows: public void login() { FacesContext

Implementing Custom Authentication with Tomcat

南楼画角 提交于 2019-12-07 15:33:24
问题 Hey all, I'm using Tomcat 6.0.14 and would like to know to implement a system that would allow us to send users a link say mysite.com?token=12345678912334333(long string continued) but that would allow the user to be logged in automatically. 回答1: Unless you have other reasons specific to Tomcat, or you are unable to modify your web application, then it might be easiest to use a custom filter to do the authentication (JAAS or otherwise). For example: http://www.kopz.org/public/documents/tomcat

Credentials exception when running Filenet-based web app on Websphere Application Server

ε祈祈猫儿з 提交于 2019-12-07 12:58:42
问题 I have developed a REST service that retrieves data from the content engine storage. For simplicity I've created user account with read-only privileges and used it for CE authorization, using the following code: UserContext context = UserContext.get(); Connection connection = Factory.Connection.getConnection("connection.url"); Subject subject = UserContext.createSubject(connection, "connection.username", "connection.password", "connection.stanza"); context.pushSubject(subject); During

Using Multiple login module in JBoss

会有一股神秘感。 提交于 2019-12-07 07:46:00
问题 I am new to authentication and security area and I am trying to extend the authentication mechanism of my application, which currently provides traditional user name/password authentication, to provide user to authenticate via LDAP Server. In the current implementation, the application uses j_security_check thread from Server API to authenticate the user. The standalone.xml file of Jboss has a login module pointing to a myLoginModuleClass class which extends the jboss.security.auth.spi

How does keytab work exactly?

本小妞迷上赌 提交于 2019-12-07 05:42:31
问题 i have some questions on using keytab for Authentication hope the kind people here can enlightend me Say, i have userA who is going to use a service running at port 1010. First, userA will login to Active Directory to authenticate himself. After login, userA will try to connect to the server to use its service 1010. In order for the server to verify that UserA is who he is, I need to use setspn to register SPN at the Active Directory. eg setspn -s service1010/mydomain.com serviceaccount1 Then

Can't map roles to groups using ibm-application-bnd.xml

戏子无情 提交于 2019-12-07 03:40:14
问题 I'm trying to map user groups using ibm-application-bnd.xml. Put it into META-INF folder. On try to access secure page get next message: [08.05.15 17:42:21:242 MSK] 00000084 WebCollaborat A SECJ0129E: ... GET в null:/loginmodule/date/, Authorization failed, Not granted any of the required roles: user-role When I try configure it with ibm console it works. All configuration WAS writes into ibm-application-bnd.xmi instead of ibm-application-bnd.xml. What do I wrong? Using Websphere AS 8.5.5

How does java LoginContext.login() work?

为君一笑 提交于 2019-12-07 02:22:48
问题 I have this code to create a configuration of a java client to connect to a JBoss application server: System.setProperty( "java.security.auth.login.config", "auth.conf" ); LoginContext auth = new LoginContext( "myAuth", new LoginCallbackHandler( username, password ) ); auth.login(); The file auth.conf contains the following lines: myAuth { org.jboss.security.ClientLoginModule required; }; Now, somewhere else in the code (the LoginContext auth isn't known there) I have an EJB that does a

AngularJs and Jboss and JAAS

女生的网名这么多〃 提交于 2019-12-06 13:33:04
If one would to look at JBoss security framework as one possible explanation on how to enable JAAS using JBoss 6 and create this web.xml to configure JAAS security to protect i.e. a Rest api: <?xml version="1.0" encoding="UTF-8"?> <web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" version="3.0"> <context-param> <param-name>resteasy.scan</param-name> <param-value>true</param-value> </context-param> <context-param> <param-name>resteasy

Spring Security JAAS Authentication Authorization Issue

被刻印的时光 ゝ 提交于 2019-12-06 11:01:58
问题 In Spring Security am using DefaultJaasAuthenticationProvider Configuration for login authentication with linux username/password. JpamLoginModule is used for authentication. I am successfull with authentication but i had problem in authoriztion(ROLE_USER,ROLE_ADMIN), am getting HTTP Status 403 - Access is denied Error. Following Configuration i used in spring-security.xml <security:authentication-manager> <security:authentication-provider ref="jaasAuthProvider" /> </security:authentication

Role vs RoleGroup in JBoss DataBaseServerLoginModule

坚强是说给别人听的谎言 提交于 2019-12-06 10:45:41
问题 Part A: Role vs RoleGroup Can someone explain the difference between a Role and a RoleGroup in the jboss DatabaseServerLoginModule ? I'm confused after looking at the examples in the JBoss 6 documentation One area of confusion is when they describe the logical tables the user to role mapping table has three columns: Table Principals(PrincipalID text, Password text) Table Roles(PrincipalID text, Role text, RoleGroup text) But the example they offer only uses two columns: CREATE TABLE Users
订阅 jaas