JBoss.orgCommunity Documentation
Authentication security domains are configured statically in the /server/
file, or deployed using $PROFILE
/conf/login-config.xmljboss-beans.xml
deployment descriptors. For static domains, the XMLLoginConfig
bean is responsible for loading security configurations specified in login-config.xml
. The bean definition is located in the /server/
file. The bean is defined as shown below.
$PROFILE
/deploy/security/security-jboss-beans.xml
<bean name="XMLLoginConfig" class="org.jboss.security.auth.login.XMLLoginConfig">
<property name="configResource">login-config.xml</property>
</bean>
The bean supports the following attributes:
Specifies the URL of the XML login configuration file that should be loaded by this MBean on startup. This must be a valid URL string representation.
Specifies the resource name of the XML login configuration file that should be loaded by this MBean on startup. The name is treated as a classpath resource for which a URL is located using the thread context class loader.
Specifies whether the XML configuration should be validated against its DTD. This defaults to true.
The SecurityConfig
bean is responsible for selecting the javax.security.auth.login.Configuration
to be used. The default configuration simply references the XMLLoginConfig
bean.
<bean name="SecurityConfig" class="org.jboss.security.plugins.SecurityConfig">
<property name="mbeanServer"><inject bean="JMXKernel" property="mbeanServer"/></property>
<property name="defaultLoginConfig"><inject bean="XMLLoginConfig"/></property>
</bean>
There is one configurable attribute:
Specifies the bean name of the MC bean that provides the default JAAS login configuration. When the SecurityConfig
is started, this bean is queried for its javax.security.auth.login.Configuration
by calling its getConfiguration(Configuration currentConfig)
operation. If the defaultLoginConfig
attribute is not specified then the default Sun Configuration
implementation described in the Configuration
class JavaDocs is used