|
|
Chapter 4. Configuring Security
As a final step you must activate security for the openCRX application. You can either configure the file-based UsersRolesLoginModule or the database-based DatabaseServerLoginModule.
Configuring UsersRolesLoginModule
Activate JAAS based authentication by adding the following TWO configuration entries for the standard and the root servlet to d:\pgm\jboss-4.0.1\server\default\conf\login_config.xml (login-config.xml on Unix platforms!).
Add the following security policy for the root servlet:
Example 4-1. JBoss login_config.xml for JAAS login configuration for the root servlet.
<application-policy name = "opencrx-core-CRX-Root"> <authentication> <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag = "required" > <module-option name="usersProperties">openCRX.users.properties</module-option> <module-option name="rolesProperties">openCRX.roles.properties</module-option> </login-module> </authentication> </application-policy>
Add the following security policy for the standard servlet:
Example 4-2. JBoss login_config.xml for JAAS login configuration for the standard servlet.
<application-policy name = "opencrx-core-CRX"> <authentication> <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag = "required" > <module-option name="usersProperties">openCRX.users.properties</module-option> <module-option name="rolesProperties">openCRX.roles.properties</module-option> </login-module> </authentication> </application-policy>
Then create the files openCRX.users.properties and openCRX.roles.properties in directory d:\pgm\jboss-4.0.1\server\default\conf:
Example 4-3. openCRX.users.properties with user=password syntax.
admin-Root=rootSecret admin-Standard=adminSecret guest=guest
Example 4-4. openCRX.roles.properties with user.Roles=role1,role2 syntax.
admin-Root.Roles=OpenCrxRoot admin-Standard.Roles=OpenCrxAdministrator guest.Roles=OpenCrxUser
Add additional users of your choice to the files.
