The Artima Developer Community
Articles | News | Weblogs | Books | Forums
Artima Forums | Articles | Weblogs | Java Answers | News
Sponsored Link

Java Buzz Forum
Deploying Pebble to JBoss 3.2.1/Tomcat 4.1.24

0 replies on 1 page.

Welcome Guest
  Sign In

Go back to the topic listing  Back to Topic List Click to reply to this topic  Reply to this Topic Click to search messages in this forum  Search Forum Click for a threaded view of the topic  Threaded View   
Previous Topic   Next Topic
Flat View: This topic has 0 replies on 1 page
Simon Brown

Posts: 636
Nickname: simonbrown
Registered: Jun, 2003

Simon Brown is a Java developer, architect and author.
Deploying Pebble to JBoss 3.2.1/Tomcat 4.1.24 Posted: Oct 14, 2003 8:33 AM
Reply to this message Reply

This post originated from an RSS feed registered with Java Buzz by Simon Brown.
Original Post: Deploying Pebble to JBoss 3.2.1/Tomcat 4.1.24
Feed Title: Simon Brown's weblog
Feed URL: http://www.simongbrown.com/blog/feed.xml?flavor=rss20&category=java
Feed Description: My thoughts on Java, software development and technology. 		Latest Java Buzz Posts
Latest Java Buzz Posts by Simon Brown
Latest Posts From Simon Brown's weblog

Advertisement

Weiqi runs Pebble on the JBoss 3/Tomcat 4 distribution and aside from some problems with the Servlet security mechanism it seems to be working well. Here's a summary of the steps required to get it working, based on a default installation and assuming that you are deploying the web application to /pebble.

  1. Copy the expanded WAR file to the $JBOSS_HOME/server/default/deploy directory.
  2. Edit the $JBOSS_HOME/server/default/conf/login-config.xml file to specify which login-module to use by adding the following section.
    
    <application-policy name="pebble">
       <authentication>
          <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
             flag="required" />
       </authentication>
    </application-policy>
  3. Create a users.properties file underneath the WEB-INF/classes directory to specify the users for this webapp.
    # users.properties file has user=password pairs
simon=password
  4. Create a roles.properties file underneath the WEB-INF/classes directory to map users to roles for this webapp.
    # roles.properties has user=role,role2,roleN pairs
simon=blog-owner,blog-contributor
  5. Create a jboss-web.xml file underneath the WEB-INF directory to specify the security domain.
    <jboss-web>
  <security-domain>java:/jaas/pebble</security-domain>
</jboss-web>

All that these additional steps do is specify which authentication mechanism you want to use and, as expected, navigating to a protected page results in an authentication request.

The problem that Weiqi is having is related to the Servlet security mechanism. Basically, Pebble uses some custom tags to decide whether a particular portion of the page (e.g. admin links) should be displayed or not, and underneath the covers they simply perform a request.isUserInRole(...) check. The weird thing is that this works on those pages that fall under the protection of a security constraint, but the same code always returns false when used on an unprotected page. I've done some googling for this and all I can find are references to similar questions. My thoughts are that this a bug but I will do some more digging around.

Read: Deploying Pebble to JBoss 3.2.1/Tomcat 4.1.24

Topic: Acme Products Previous Topic   Next Topic Topic: LonghornBlogs is live
Sponsored Links


Google
  Web Artima.com   

Copyright © 1996-2019 Artima, Inc. All Rights Reserved. - Privacy Policy - Terms of Use