I have configured custom login module
Added an Application user "jmsuser" in group "guest" for realm ApplicationRealm. But still I am getting "Forbidden" in the resultant page.
Standalone-full.xml
<default-security-domain value="MyLoginModule"/>
<security-domain name="MyLoginModule" cache-type="default">
<authentication>
<login-module code="com.auth.MyLoginModule" flag="required"/>
</authentication>
</security-domain>
Web.xml
<security-role>
<role-name>guest</role-name>
</security-role>
<security-constraint>
<web-resource-collection>
<web-resource-name></web-resource-name>
<url-pattern>/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>guest</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>MyLoginModule</realm-name>
</login-config>
jboss-web.xml
<?xml version="1.0" encoding="UTF-8"?>
<jboss-web>
<security-domain>MyLoginModule</security-domain>
</jboss-web>
MyLoginModule.java
public boolean login() throws LoginException
{
//returns true;
}
Audit.log
11:17:51,560 TRACE [org.jboss.security] (default task-2) PBOX000224: End getAppConfigurationEntry(MyLoginModule), AuthInfo: AppConfigurationEntry[]:
[0]
LoginModule Class: com.auth.MyLoginModule
ControlFlag: LoginModuleControlFlag: required
Options:
11:19:16,232 TRACE [org.jboss.security] (default task-2) PBOX000210: defaultLogin, login context: javax.security.auth.login.LoginContext@8ba05ec, subject: Subject(1075984995).principals=com.auth.MyLoginModulePrincipal@1936852516(MyLoginModulePrincipal: jmsuser)
11:19:18,863 TRACE [org.jboss.security] (default task-2) PBOX000207: updateCache, input subject: Subject(1075984995).principals=com.auth.MyLoginModulePrincipal@1936852516(MyLoginModulePrincipal: jmsuser), cached subject: Subject(689516194).principals=com.auth.MyLoginModulePrincipal@1936852516(MyLoginModulePrincipal: jmsuser)
11:19:18,865 TRACE [org.jboss.security] (default task-2) PBOX000208: Inserted cache info: org.jboss.security.authentication.JBossCachedAuthenticationManager$DomainInfo@6a06d399
11:19:18,866 TRACE [org.jboss.security] (default task-2) PBOX000201: End isValid, result = true
11:19:18,879 TRACE [org.jboss.security] (default task-2) PBOX000354: Setting security roles ThreadLocal: null
Aucun commentaire:
Enregistrer un commentaire