Comments on: JBoss Role-Based Security

By: Sathya

Sathya — Mon, 01 Mar 2010 18:24:52 +0000

Does anyone know what could be causing the following issue ? When I try to access that has been setup for Role Based Secuirty, it opens a window to enter the username/password. Inspite of entering a valid username/password I get the HTTP 401 error.

By: SatyaDeep

SatyaDeep — Fri, 17 Apr 2009 06:05:09 +0000

Great documentation. I had one problem. Since we set

it means that the secured resource is accessed directly as
htt://:8080/SecuredResource.
Once I added context root i.e.
WebApp
this worked fine
http://localhost:8080/WebApp/SecureResource

By: Nikki1

Nikki1 — Sun, 01 Feb 2009 13:12:15 +0000

Nice guide.

However as I was trying to figure out what step 3 was doing exactly, I left it out in my application and it still worked same as before.

I also left out step 4 and 5 and I didnt notice any changes.

Anyone who can tell me what step 3 , 4 and 5 do exactly?

By: Monmohan

Monmohan — Fri, 16 Jan 2009 11:12:46 +0000

just one more thing,
i set up DIGEST security instead of BASIC, and followed below link verbatim (in addition to the changes suggested here)
http://docs.jboss.org/jbossas/guides/webguide/r2/en/html/ch05.html

By: Monmohan

Monmohan — Fri, 16 Jan 2009 11:09:25 +0000

thanks, this was very helpful

By: englishteeth.co.uk » Grails: Role based security on Jetty & JBoss

englishteeth.co.uk » Grails: Role based security on Jetty & JBoss — Wed, 22 Oct 2008 20:46:31 +0000

[...] The next step took a bit more digging and looking outside of grails oriented guides. The actual deployment environment I have to target is JBoss, but the best description of the security configuration I found was in the article JBoss Role-Based Security. [...]

By: Amit Katiyar

Amit Katiyar — Mon, 17 Mar 2008 19:47:26 +0000

Thanks a lot.
Worked like a charm

By: Chris Maeda

Chris Maeda — Tue, 12 Feb 2008 23:06:45 +0000

Thanks! Saved me a bunch of time!

By: Mehmet

Mehmet — Tue, 08 Jan 2008 22:40:48 +0000

I have the same setup and it works but there is a problem when JBoss is fronted by a apache web server and authorization is initially done by the web server. NullpointerException is thrown on the JBoss side when it tries to run Basic Auth.

I spend time to debug JBoss code to find out the reason and this is what happens. JBoss caches roles in a map keyed bu SimplePrinciple object where the principal name is the username. But already authorized request come with Principal being CayotePrincipal object and there fore unable to locate roles then throw exception. I haven’t found a solution yet. If anyone succesfully setup apache and JBoss Basic authorization together please let me know how.

By: Clees

Clees — Sun, 02 Dec 2007 21:22:01 +0000

Man, this is useful – really

BTW. You are 1000% right – they do write horrible documentation.