Solved

Configuring A Simple FORM BASED Authentication Login for JBoss

Posted on 2006-07-11
4
3,114 Views
Last Modified: 2013-11-12
Hi Experts Exchange Folks,

If we can answer this question - it will very likely be extremely useful to MANY others - so I am hoping you can help me - as well as anyone else who has had to try and get this situation to work.  After buying two large books, combing all over the JBoss, MyEclipse, XDoclet sites and asking Google... What I found was that there were TONS of pages with "you can initialize this", "you can specify that", "you can use this new, snazzy, additional interface", "you can design your own - here just read and digest these 25 pages...", and so on.  I spent the better part of the weekend trying to get the SIMPLEST FORM-BASED AUTHENTICATION to work and ended up rather frustrated due to the lack of a cohernet picture of the required pieces needed to solve the puzzle.  

Here's the scenario:

1) There's a web-client who wants to log into a JBoss hosted web-server. The challenge is for the JBoss application server to support a SIMPLE login page.  
2) The web-client will attempt to access a URL such as http://www.thatcoolsite.com/funstuff/main - where funstuff is a servlet that requires an authenticated login to be accessed and main is a place-holder page to be returned.  
3) There are files including web.xml, roles.properties, user.properties, login.jsp, loginerror.jsp, plus tidbits and mapping vectors all over the place which ALL have to be perfectly aligned and concurring or nothing works.  

My question is this:  What is the minimum set of particulars that will...

A) Redirect the initial 'main' page call to cause the 'login.jsp' page to be returned to the caller
B) Accept the incoming j_username and j_password elements to be passed to the j_security_check module
C) Allow for the correct recognition of an established User and Role for the incoming args
D) Finally... return some page that announces the login-procedure was successful or failed.  

I marked the question 'difficult' - because I am not sure anyone has the time to bother with it.  But I appreciate two things: 1) The ability to pose the question - which often helps me find an answer.  2) This site has a WEALTH of good information - and this is something on which I just happen to be stuck - but I look forward to studying other answers already derived for others.  

Thank you!
0
Comment
Question by:notarysojac
4 Comments
 
LVL 15

Accepted Solution

by:
lakshman_ce earned 250 total points
ID: 17080782
0
 

Author Comment

by:notarysojac
ID: 17084499
Thanks for the quick and obviously helpful response.  

I dunno WHY the JBoss-wiki stuff did not appear for my search - but it was very helpful.  Also - the javaworld example looks like it may be very useful.  

Getting the JBoss example working is the first irder of business - the next step would be to upgrade to the javaworld-described approach as it is much closer to what would be the true, desired solution.

Getting "<security-domain>java:/jaas/other</security-domain>" into the jbossweb.xml file appears to be a sub-challenge without hand editing the file.  

I'll post a follow-up when and if I make some forward progress.  

Thank you!
0

Featured Post

Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

Join & Write a Comment

Suggested Solutions

One of the most frequent problems a "newbie" developer may encounter is having to deal with different data formats. One for all: THE DATE We, as humans, need to "see" a date and then interpret it (much of the times this is an automatic operation)…
Introduction This article discusses the Chain of Responsibility pattern, explaining What it is;Why it is; andHow it is At the end of this article, I hope you will be able to describe the use and benefits of Chain of Responsibility.  Backgrou…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now