Java Reference
In-Depth Information
<role-name>Manager</role-name>
</security-role>
</web-app>
This configuration will add a security constraint on any JSP/servlet of the web applic-
ation that will restrict access to users authenticated with the role Manager . All login
modules shown in the earlier section define this role, so you can just use the login
module that suits your needs best.
The next configuration tweak needs to be performed on the JBoss web deployment's
descriptor, WEB-INF/jboss-web.xml . You need to declare the security domain
here, which will be used to authenticate the users. Since we are using RealmUser-
sRoles , which is part of the other built-in login module, we will need to include the
java:/jaas/other context information:
<jboss-web>
<security-domain>java:/jaas/
other</security-domain>
</jboss-web>
The following diagram illustrates the whole configuration sequence applied to a
Database login module:
Once you have deployed your application, the outcome should be a blocking pop-up
requesting user authentication, as shown in the following screenshot:
Search WWH ::




Custom Search