Do not limit your challenges.. Challenge your limits

About Me

Kathmandu, Bagmati, Nepal
I am a software developer based in Nepal. I started coding in mid-1995 with QBasic. My interest in software development covers a broad range of technologies from assembly to the Microsoft .NET platform to Java, Linux to Windows, Windows Mobile to Android, desktop to web to mobile, and many others. But since 2007 I have been working just on Java, mainly on the Java EE platform, and decided just to go with it. I really like to learn new stuff and share things with others, which is my main objective in creating this blog.

Sunday, May 27, 2012

JAAS Security through Database with JBoss 7.1.1


JAAS can be used for two purposes:

  1. for authentication of users, to reliably and securely determine who is currently executing Java code, regardless of whether the code is running as an application, an applet, a bean, or a servlet; and
  2. for authorization of users to ensure they have the access control rights (permissions) required to do the actions performed.

More detailed information about JAAS security can be found here.


Let's go step by step through using JAAS security with JBoss 7.1.1:
  1. Open the file JBOSS_HOME/standalone/configuration/standalone.xml in an editor.
  2. Search for the <security-domains> tag.
  3. Add the lines below inside the <security-domains> tag:

    <security-domain name="JASS-Security">
        <authentication>
            <login-module code="Database" flag="required">
                <!-- TEST_DS is the DataSource -->
                <module-option name="dsJndiName" value="java:jboss/datasources/TEST_DS"/>
                <module-option name="principalsQuery" value="select password from users where username=?"/>
                <module-option name="rolesQuery" value="select rolename, 'Roles' from roles where username=?"/>
                <!-- Requests that carry no authentication information get the identity "guest" -->
                <module-option name="unauthenticatedIdentity" value="guest"/>
                <!-- Password hash algorithm and the encoding of the stored hash -->
                <module-option name="hashAlgorithm" value="SHA-256"/>
                <module-option name="hashEncoding" value="base64"/>
            </login-module>
        </authentication>
    </security-domain>
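
With hashAlgorithm and hashEncoding set as in the security domain above, the password column read by principalsQuery has to hold the base64-encoded SHA-256 digest of the password, not the clear text. The following sketch is an added example, not code from the original post: it derives that value from the two module options and builds the rows for the users and roles tables named in the queries. The function names, the user "alice" and the UTF-8 charset are assumptions. The digest is unsalted, so two users with the same password end up with the same stored value.

```python
import base64
import hashlib
import hmac
import xml.etree.ElementTree as ET

# The two hash options from the post's login-module (other options omitted).
LOGIN_MODULE = """<login-module code="Database" flag="required">
  <module-option name="hashAlgorithm" value="SHA-256"/>
  <module-option name="hashEncoding" value="base64"/>
</login-module>"""

def module_options(xml_text):
    """Return the module-option name/value pairs as a dict."""
    return {o.get("name"): o.get("value")
            for o in ET.fromstring(xml_text).iter("module-option")}

def stored_password(password, opts, charset="utf-8"):
    """Value the users.password column must hold (charset is an assumption)."""
    algo = opts["hashAlgorithm"].replace("-", "").lower()  # SHA-256 -> sha256
    digest = hashlib.new(algo, password.encode(charset)).digest()
    if opts["hashEncoding"].lower() == "hex":
        return digest.hex()
    return base64.b64encode(digest).decode("ascii")

def user_rows(username, password, roles, opts):
    """Parameterised INSERTs for the tables the two queries read."""
    rows = [("insert into users (username, password) values (?, ?)",
             (username, stored_password(password, opts)))]
    rows += [("insert into roles (username, rolename) values (?, ?)",
              (username, role)) for role in roles]
    return rows

def password_matches(candidate, stored, opts):
    """Hash the submitted password and compare it with the stored value."""
    return hmac.compare_digest(stored_password(candidate, opts), stored)

if __name__ == "__main__":
    opts = module_options(LOGIN_MODULE)
    # "alice" and "bob" are constructed sample users sharing one password.
    for sql, params in user_rows("alice", "password", ["Administrator"], opts):
        print(sql, params)
    same = (stored_password("password", opts)
            == user_rows("bob", "password", [], opts)[0][1][1])
    print("same stored value for both users:", same)
```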


Add a new file named jboss-web.xml inside the WEB-INF folder, with these lines:

    <?xml version="1.0" encoding="UTF-8"?>
    <jboss-web>
        <security-domain>java:/jaas/JASS-Security</security-domain>
    </jboss-web>

Adjust the lines below in web.xml:

    <!-- No auth-constraint: these URL patterns are served without login -->
    <security-constraint>
        <display-name>security</display-name>
        <web-resource-collection>
            <web-resource-name>faces</web-resource-name>
            <description />
            <url-pattern>/resources/*</url-pattern>
            <url-pattern>/javax.faces.resource/*</url-pattern>
            <url-pattern>/services/*</url-pattern>
        </web-resource-collection>
    </security-constraint>
    <!-- Everything else requires one of the three roles -->
    <security-constraint>
        <display-name>security</display-name>
        <web-resource-collection>
            <web-resource-name>faces</web-resource-name>
            <description />
            <url-pattern>/*</url-pattern>
        </web-resource-collection>
        <auth-constraint>
            <description />
            <role-name>Administrator</role-name>
            <role-name>Agent</role-name>
            <role-name>Reporter</role-name>
        </auth-constraint>
    </security-constraint>
    <!-- Admin -->
    <security-constraint>
        <display-name>security</display-name>
        <web-resource-collection>
            <web-resource-name>faces</web-resource-name>
            <description />
            <url-pattern>/admin/*</url-pattern>
        </web-resource-collection>
        <auth-constraint>
            <description />
            <role-name>Administrator</role-name>
        </auth-constraint>
    </security-constraint>
    <login-config>
        <auth-method>FORM</auth-method>
        <form-login-config>
            <form-login-page>/login.jsf</form-login-page>
            <form-error-page>/login.jsf?msg=error</form-error-page>
        </form-login-config>
    </login-config>
    <security-role>
        <description />
        <role-name>Administrator</role-name>
    </security-role>
    <security-role>
        <description />
        <role-name>Agent</role-name>
    </security-role>
    <security-role>
        <description />
        <role-name>Reporter</role-name>
    </security-role>

Now the login page:

    <form action="j_security_check" method="post">
        <br />
        <h:panelGrid columns="2">
            <h:outputLabel for="j_username">Username: </h:outputLabel>
            <input type="text" name="j_username" />

            <h:outputLabel for="j_password">Password: </h:outputLabel>
            <input type="password" name="j_password" />
        </h:panelGrid>
        <br />
        <br />
        <input type="submit" value="Login" />
    </form>

Run the application; it should ask for login.

Happy JAAS






2 comments:

  1. Dear Suray

    A solid input to JAAS fans.

    Allow me a comment. You might rather use JSF tags rendering the form. Subsequently you must implement a login and logout method in your backing bean (managed bean, CDI bean). Both must add the username and password to the request object (HttpServletRequest).

    public String login() {
        FacesContext context = FacesContext.getCurrentInstance();
        HttpServletRequest request =
                (HttpServletRequest) context.getExternalContext().getRequest();
        try {
            request.login(this.username, this.password);
        } catch (ServletException e) {
            log.warn("failed to login");
            context.addMessage(null, new FacesMessage("Login not valid"));
            return "error";
        }
        return "admin/salery";
    }

    Bests, Brayan

  2. Dear Brayan,

    Thank you for your comment. Yes, we can do it that way also. In this post I am just sharing about JAAS configuration with JSF. Either way we can do.
