Hi,
I wasnt sure in which section to post this query of mine. So, please bear with me if this is a wrong section to post this particular query.
I have a Non-browser based client which sends XML requests to a servlet residing in a JBoss App server. The JBoss listens on port 80 and the servlet handles the request.
HTTP authentication that gives a pop up to the client prompting for username and password, was insisted for this application . After reading plethora of information on the internet, I could not successfully implement HTTP authentication in JBoss.
However, I have achieved this by making use of Apache 2.0.53 HTTP server by modifying the httpd.conf file and the pop-up authnetication is successful.
Now, I dont have clue as to how I would get the requests redirected to Jboss from Apache. This needs to be done as the servlets are present in JBoss. Apache is listening on port 80 and JBoss should be made to listen on port 8080 by modifying the xml file.
I dont seem to have any idea about this. Any suggestion in this would be really helpful.
Thanks in advance.
Regards
-
Redirection/Port forwarding from Apache to JBoss (2 messages)
- Posted by: Pramod Kashyap
- Posted on: March 24 2005 02:01 EST
Threaded Messages (2)
- Redirection/Port forwarding from Apache to JBoss by adrian osullivan on March 24 2005 06:09 EST
- Redirection/Port forwarding from Apache to JBoss by Nicolas Dobler on March 28 2005 15:34 EST
-
Redirection/Port forwarding from Apache to JBoss[ Go to top ]
- Posted by: adrian osullivan
- Posted on: March 24 2005 06:09 EST
- in response to Pramod Kashyap
Doesn't Jboss actually use an embedded Tomcat for listening to HTTP requests? If so, you can use Apache plugin mod_jk to delegate requests from Apache to Tomcat. If its using Jetty, I'm not sure this is supported by Apache, so perhaps you can switch to Tomcat. -
Redirection/Port forwarding from Apache to JBoss[ Go to top ]
- Posted by: Nicolas Dobler
- Posted on: March 28 2005 15:34 EST
- in response to Pramod Kashyap
I would give jboss another chance for doing http authentication.
I'll tell you what files you should modify:
* web.xml: say wich resources should be secured and how
<security-constraint>
<display-name>acceso seguro</display-name>
<web-resource-collection>
<web-resource-name>fullSite</web-resource-name>
<url-pattern>*.jsp</url-pattern>
<url-pattern>*.do</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>normalUser</role-name>
</auth-constraint>
<user-data-constraint>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<realm-name>myLogin</realm-name>
<form-login-config>
<form-login-page>/logon/logon.jsp</form-login-page>
<form-error-page>/logon/logonError.html</form-error-page>
</form-login-config>
</login-config>
You should modify this to do http authentication.
<security-role>
<role-name>normalUser</role-name>
</security-role>
* jboss-web.xml (located in the same directory as web.xml
<jboss-web>
<security-domain>java:/jaas/mySecurityDomain</security-domain> </jboss-web>
* login-config.xml (in your application jboss conf directory)
<application-policy name="mySecurityDomain">
<authentication>
<login-module
code="org.jboss.security.auth.spi.DatabaseServerLoginModule"
flag="required">
<module-option name="dsJndiName">java:/genesisDS</module-option>
<module-option name="principalsQuery">select password from Usuario where userid=?</module-option>
<module-option name="rolesQuery">select rolId, 'Roles' from Usuario_Rol where userId=?</module-option>
<module-option name="hashAlgorithm">SHA</module-option>
<module-option name="hashEncoding">base64</module-option>
<module-option name="hashCharset">UTF-8</module-option>
</login-module>
</authentication>
</application-policy>
If you set those files correctly you should get the http login window, managed directly by jboss (tomcat running inside jboss actually).
Hope you understand my poor english.
Good luck!