JBoss 3.0.1RC1_Tomcat-4.0.4-in security

  Compared to JBoss2.4.4, user security authentication, the only difference lies in the original configuration of the contents of auth.conf change in the login-config.xml file, such as DatabaseServerLoginModule the corresponding changes are as follows: 

  <application-policy Name = "testDB"> 
<authentication>
  <Login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule" 
  Flag = "required"> 
  <module-option Name="dsJndiName"> java: / mySQLDS </ module-option> 
  <module-option Name="principalsQuery"> select passwd from Users username where username =? </ Module-option> 
  <module-option Name="rolesQuery"> select userRoles, 'Roles' from UserRoles where username =? </ Module-option> 
  </ Login-module> 
  </ Authentication> 
  </ Application-policy> 

  Site specific ways to see another article: JBOSS achieve user security authentication. 

  Part II: SSL 

  First, we must install Secure Sockets expansion JSSE package can be downloaded from the site SUN, the current version is v1.0.3. 

  Decompress lib directory after the three documents: jsse.jar jcert.jar jnet.jar Kaoru% JAVA_HOME% jrelibext directory, 
  And modify% JAVA_HOME% jrelibsecurityjava.security documents, add the following sentence: 

  Security.provider.3 = com.sun.net.ssl.internal.ssl.Provider 

  We then create a key for the server, in order to enter the current directory server / default / conf 

  Keytool-genkey-keyalg RSA-keystore server.keystore 

  Enter keystore password: changeit 
  What is your first and last name? Localhost 

  In other tips can be operated. 

  Below JBoss amend relevant configuration files: 

  First step, modify server / default / conf / jboss-service.xml documents in the security of an Accession: 

  <! - The SSL domain setup -> 
  <Mbean code = "org.jboss.security.plugins.JaasSecurityDomain" 
  Name = "Security: name = JaasSecurityDomain, RMI + SSL domain ="> 
<constructor>
  <arg Type="java.lang.String" value="RMI+SSL"/> 
  </ Constructor> 
  <attribute Name="KeyStoreURL"> server.keystore </ attribute> 
  <attribute Name="KeyStorePass"> changeit </ attribute> 
  </ Mbean> 

  NOTE: changeit you here in the establishment of the key enter the password you established server.keystore is the key document. 

  Step 2: Laws server/default/deploy/tomcat4-service.xml documents found: 

  <Connector className = "org.apache.catalina.connector.http.HttpConnector" 
  Port = "8080" minProcessors = "3" maxProcessors = "10" enableLookups = "true" 
  AcceptCount = "10" debug = "0" connectionTimeout = "60000" /> 

  Replaced by: 

  <! - HTTP Connector configuration -> 
  <Connector className = "org.apache.catalina.connector.http.HttpConnector" 
  Port = "8080" redirectPort = "8443" /> 
  <! - SSL / TLS Connector configuration -> 
  <Connector className = "org.apache.catalina.connector.http.HttpConnector" 
  Port = "8443" scheme = "https" secure = "true"> 
  <Factory className = "org.jboss.web.catalina.security.SSLServerSocketFactory" 
  SecurityDomainName = "java: / jaas / RMI + SSL" clientAuth = "false" 
  Protocol = "TLS" /> 
  </ Connector> 

  This completed the JBoss configuration.    You can visit https you to a web application. 

Share and Enjoy: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Facebook
  • DotNetKicks
  • DZone
  • Netvouz
  • Propeller

Tags: , ,

Releated Java Articles

November 7, 2005 | Filed Under Core Java |

Comments

Leave a Reply