Saturday, December 31, 2011

Configure DatabaseServerLoginModule Realm in JBoss AS 7

If we want database-backed login for a Java EE 6 application, we need to configure JBoss's DatabaseServerLoginModule by creating a realm. Put the following lines in standalone.xml (or domain.xml):

 
   
    
          
               
               
               
               
               
          
     
  


Replace the values with your own. If you are using a custom database login module class, replace code="Database" with code="<your class name>".
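A security domain of this shape, given here as an added example and not the post's own listing; the datasource JNDI name, the table and column names, and the hash settings are assumptions to replace with your own:

```xml
<!-- Added example: goes inside <security-domains> of the security subsystem
     in standalone.xml (or domain.xml). -->
<security-domain name="MyRealm">
    <authentication>
        <!-- code="Database" selects the DatabaseServerLoginModule -->
        <login-module code="Database" flag="required">
            <!-- Assumed datasource name; it must already be defined in the datasources subsystem -->
            <module-option name="dsJndiName" value="java:jboss/datasources/MyAppDS"/>
            <!-- Assumed schema: returns the stored password value for the user -->
            <module-option name="principalsQuery"
                           value="SELECT password FROM users WHERE username = ?"/>
            <!-- Assumed schema: role names must match those declared in web.xml;
                 the second column is the role group, 'Roles' -->
            <module-option name="rolesQuery"
                           value="SELECT role, 'Roles' FROM user_roles WHERE username = ?"/>
            <!-- Assumed storage format: Base64-encoded SHA-256 digests, not plain text -->
            <module-option name="hashAlgorithm" value="SHA-256"/>
            <module-option name="hashEncoding" value="base64"/>
        </login-module>
    </authentication>
</security-domain>
```

The module hashes the submitted password with hashAlgorithm and compares it to the value returned by principalsQuery, so the stored column must use the same digest and encoding. Without hashAlgorithm the comparison is against plain-text passwords.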
Now that the realm is configured in the server, we need to tell our application to use it. This is done in web.xml:

 
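 <login-config>
  <auth-method>FORM</auth-method>
  <realm-name>MyRealm</realm-name>
  <form-login-config>
   <form-login-page>/login.jsp</form-login-page>
   <form-error-page>/loginerror.jsp</form-error-page>
  </form-login-config>
 </login-config>
 <security-role>
  <role-name>SuperAdmin</role-name>
 </security-role>
 <security-role>
  <role-name>Admin</role-name>
 </security-role>
 <security-role>
  <role-name>Manager</role-name>
 </security-role>
 <security-role>
  <role-name>Employee</role-name>
 </security-role>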
In lines 1 to 8 we tell the application to use the FORM method to authenticate users against the realm MyRealm, and we provide the login and error pages.
Next we need to declare the security roles in the application. We have declared 4 roles, SuperAdmin, Admin, Manager and Employee, in lines 9 to 20.
Now that the application is configured, we add security constraints to web.xml as below.

  
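 <security-constraint>
  <web-resource-collection>
   <web-resource-name>MyApplication</web-resource-name>
   <url-pattern>/administration/*</url-pattern>
   <http-method>GET</http-method>
   <http-method>POST</http-method>
  </web-resource-collection>
  <auth-constraint>
   <role-name>SuperAdmin</role-name>
   <role-name>Admin</role-name>
  </auth-constraint>
 </security-constraint>
 <security-constraint>
  <web-resource-collection>
   <web-resource-name>Unprotected area</web-resource-name>
   <url-pattern>/resources/*</url-pattern>
  </web-resource-collection>
 </security-constraint>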
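We added two security constraints. The first allows only SuperAdmin and Admin to enter the admin panel. The second is an example for when you have protected the entire site but want to allow everyone access to the resources; it has no auth-constraint, so no role is required for /resources/*. Note that because the first constraint names GET and POST, it applies only to those two HTTP methods, and requests to /administration/* using any other method are not covered by it. Leaving out the http-method elements makes the constraint apply to all methods.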

1 comment:

  1. Your post was very helpful. But when I tried to follow this example using JBoss 7.1.0.CR1b I've got stuck in a problem that could be solved through this post: https://community.jboss.org/message/640619#640619
    So, it is necessary to add a jndi reference to your security domain inside the jboss-web.xml.
    e.g.


    <jboss-web>
        <security-domain>java:/jaas/MyRealm</security-domain>
    </jboss-web>
