Java Reference
In-Depth Information
</authentication>
</security-realm>
Besides containing the location where SSL certificates are stored, this security realm also
contains the authentication policy used by your EJBs, which is defined by the JAAS's se-
curity domain, named
ejb-security-domain
.
The following is a security domain definition, which is a simple file-based security do-
main containing the user credentials and roles in the files
ejb-users.properties
and
ejb-roles.properties
, respectively:
<security-domain name="ejb-security-domain"
cache-type="default">
<authentication>
<login-module code="Remoting" flag="optional">
<module-option name="password-stacking"
value="useFirstPass"/>
</login-module>
<login-module
code="org.jboss.security.auth.spi.UsersRolesLoginModule"
flag="required">
<module-option name="defaultUsersProperties"
value="${jboss.server.config.dir}/ejb-users.properties"/>
<module-option name="defaultRolesProperties"
value="${jboss.server.config.dir}/ejb-roles.properties"/>
<module-option name="usersProperties"
value="${jboss.server.config.dir}/ejb-users.properties"/>
<module-option name="rolesProperties"
value="${jboss.server.config.dir}/ejb-roles.properties"/>
<module-option name="password-stacking"
value="useFirstPass"/>
</login-module>
</authentication>
</security-domain>
As you can imagine, you need to create the two property files, each with some values in
them. For example, here's the
ejb-user.properties
file to be placed in the server
configuration's folder:
