google Analytics

Wednesday, November 17, 2010

configuring security domains for authentication and authorization in JBoss

configuring security domains for authentication and authorization in JBoss
Securing Ejb Using JBOSS
EJB Security in JBOSS or securing Web Application in JBOSS
Setup security-domain For JBoss

=============================================================



=============================================================

To enable security in the JBoss application server, you need to create a security domain .
A security domain is a repository for users, passwords, and the roles with which each user is associated.
The EJB container delegates to the security domain when performing authentication and authorization



============================================================
Security domains are configured in the
jboss/server/default/conf/login-config.xml
Add the following entry in under the Poplict Tag

<application-policy name="testSecurityDomain">
  <authentication>
      <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"     flag = "required">
         <module-option name="usersProperties">
                   users.properties
         </module-option>
         <module-option name="rolesProperties">
                   roles.properties
         </module-option>
      </login-module>
  </authentication>
</application-policy>




The user-test.properties files
users.properties
anish=anish
nath=nath



roles-test.properties
wburke=AUTHORIZED
richard=UNAUTHORIZED



-----
The Bean Class
@Stateless
@SecurityDomain("testSecurityDomain")  //Configured in
login-config.xml
@RolesAllowed("AUTHORIZED")

public class TestBean implements TestBeanRemote,
                                           TestBeanLocal
{

@RolesAllowed({"AUTHORIZED", "CHECK_FRAUD_ENABLED"})
public voidsayHello(){}   
}


@PermitAll
public voidsayHelloWorld(){}   
}

}

}


=====================================
The client Class will hold the following information
Properties env = new Properties( );
env.setProperty(Context.SECURITY_PRINCIPAL, "anish");
env.setProperty(Context.SECURITY_CREDENTIALS, "anish");
env.setProperty(Context.INITIAL_CONTEXT_FACTORY,
"org.jboss.security.jndi.JndiLoginInitialContextFactory");



---------------------------------------
Configure JBoss Security
------------------------------------
ANish