Up to Documents in Application Servers

Creating a Secure Flux Engine in the JBoss Application Server.

VERSION 2 Published

Created on: 20-Jul-2007 16:25 by Ryan Johns - Last Modified:  30-Nov-2007 10:12 by Ryan Johns

This article addresses how to configure Flux to log in using JBoss.

In order to use the Flux security login module with JBoss, I have found that due to strict security guidelines in JBoss the following configuration properties alone will not allow you to connect to your secure Flux engine. This article demonstrates how to create a Flux engine servlet that is deployable in JBoss.
   config.setSecurityEnabled(true);
   config.setSecurityPolicyFile("/fluxjaas.policy");
   config.setSecurityConfigurationFile("/fluxjaas.config");


The addition of the following should allow you to specify the java security policy file which then allows you to create your secure Flux engine.
          System.setProperty("java.security.policy","c:\\fluxjaas.policy");
          Policy mypol = Policy.getPolicy();
          mypol.refresh();


You will also want to add the Flux login module to the login-config.xml. This can be accomplished by adding a <login-module code=> to the <authentication> of the application policy in this example I created the following application policy. See following login-config.xml entry below.
  <application-policy name = "fluxEngineServlet">
       <authentication>
          <login-module code = "flux.security.FluxLoginModule"
             flag = "required" />
       </authentication>
    </application-policy>


This file will be located in the following directory; depending on the mode you are running JBoss in, e.g. default, minimal, all.

\jboss\server\<MODE>\conf\login-config.xml

Following is an example servlet that allow will you to create a secure flux engine in a web module that can be deployed in JBoss.

public class JbossTest extends HttpServlet {
    Engine flux;
    Factory fluxFactory = Factory.makeInstance();
    RemoteSecurity secureInterface;
 
    public void init() throws ServletException {
    	try
      	{
             Configuration config = fluxFactory.makeConfiguration();
 
             System.setProperty("java.security.policy","c:\\fluxjaas.policy");
             Policy mypol = Policy.getPolicy();
             mypol.refresh();
 
             config.setSecurityEnabled(true);
             config.setRegistryPort(1199);
             config.setSecurityPolicyFile("C:\\fluxjaas.policy");
             config.setSecurityConfigurationFile("C:\\fluxjaas.config");
 
             System.out.println("making of the engine");
             flux = fluxFactory.makeEngine(config);
             secureInterface = fluxFactory.makeRemoteSecurity(config,flux);
 
             System.out.println("login in ummmkay");
             flux = secureInterface.login("admin", "admin");
             flux.start();
	}//try
    	catch (Throwable e)
       	{
             e.printStackTrace();
             e.getCause().printStackTrace();
             throw new ServletException(e.getMessage());
       } // catch
    }//init
 
    public void destroy()
    {
        try {
             flux.dispose();
        }//try
         
        catch (Throwable d) {
             d.printStackTrace();
        }//catch
    }//destroy
}//JbossTest
Average User Rating
(0 ratings)




Comments (0)

There are no comments on this document

Actions

More by Ryan Johns

View Ryan Johns's profile