jpam / Bugs / #6 Improvement

#6 Improvement

Status: open

Owner: nobody

Labels: None

Priority: 5

Updated: 2010-11-18

Created: 2010-11-18

Creator: Raphael Villela

Private: No

Hi,

I´m using JPam with JBoss 4.2.3 and AFAIK JPam does not give any support for roles correct? I was only able to authenticate, not autorizate with it. With that in mind, at jboss there are the concept of password stacking and i was able to implemented on Jpan using code from JBoss. This code was really helpfull for me so i´m sending for your consideration at adding to JPam.

Configuration at jboss with the new JpamLoginModule:

<application-policy name = "jmx-console">
<authentication>
<login-module code="net.sf.jpam.jaas.JpamLoginModule" flag = "required">
<module-option name="password-stacking">useFirstPass</module-option>
<module-option name="serviceName">net-sf-jpam</module-option>
</login-module>
<login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag = "required">
<module-option name="password-stacking">useFirstPass</module-option>
<module-option name="usersProperties">props/jmx-console-users.properties</module-option>
<module-option name="rolesProperties">props/jmx-console-roles.properties</module-option>
</login-module>

</authentication>
</application-policy>

Thanks,
Raphael Villela

Password Stacking
http://docs.redhat.com/docs/en-US/JBoss_Enterprise_Application_Platform/5/html/Security_Guide/ch12.html#sect-Password_Stacking

Discussion

Raphael Villela - 2010-11-18

Improved Jpam

JpamLoginModule.java

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Improvement

Group

Searches

Help

#6 Improvement

Discussion