JBoss Client-Cert Authentication: Hot to setup UsersRolesLoginModule in login-config.xml
Posted
by sixtyfootersdude
on Stack Overflow
See other posts from Stack Overflow
or by sixtyfootersdude
Published on 2010-03-11T19:52:46Z
Indexed on
2010/03/11
19:54 UTC
Read the original article
Hit count: 299
I am looking that chapter 8 of the RedHat, JBoss documentation. I am trying to setup Certificate Authentication as described on this page .
On the page it says that the login-config
file should have this in it:
<application-policy name="jmx-console">
<authentication>
<login-module code="org.jboss.security.auth.spi.BaseCertLoginModule"
flag="required">
<module-option name="password-stacking">useFirstPass</module-option>
<module-option name="securityDomain">java:/jaas/jmx-console</module-option>
</login-module>
<login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
flag="required">
<module-option name="password-stacking">useFirstPass</module-option>
<module-option name="usersProperties">jmx-console-users.properties</module-option>
<module-option name="rolesProperties">jmx-console-roles.properties</module-option>
</login-module>
</authentication>
</application-policy>
I think that the BaseCertLoginModule chekcs the clients server and the UsersRolesloginModule
assigns the client to role (using the file jmx-console-roles.properties
). However I am completely bewildered as to what should be in this file: jmx-console-users.properties
. Normally that file stores user/password pairs (source) but when using client-cert I don't think that there should be passwords in there. Right now I am leaving that file empty but I am getting this exception:
[org.jboss.security.auth.spi.UsersRolesLoginModule.initialize:135] Failed to load users/passwords/role files
java.io.IOException: No properties file: users.properties or defaults: defaultUsers.properties found
...
What should be in that file?
Thanks.
© Stack Overflow or respective owner