Thanks, this link was very useful. The only ponit i'd like to mention is the howto avoid another tier integration (typically a DB) :
Use org.jboss.security.auth.spi.UsersRolesLoginModule instead of org.jboss.security.auth.spi.DatabaseServerLoginModule And then parameter your user.properties and role.properties files. Note these files are a bit weak in terms of format, i.e very poor credentials for a user (no first name, last name, only the very strict necessary information : login, pwd and roles). ------ Here is a good resource that I used. http://www.javaworld.com/javaforums/showflat.php? Cat=2&Board=JavaSecurity&Number=2500&page=0&view=collapsed&sb=5&o=&fpart =1%3E -Matt On Wed, 2004-10-27 at 13:39 +0000, liooil wrote: > Hello world, > > Before we integrate authorization/authentication based on a sun one > identity server policy agent, i would like to make something more > simple. I'd just like to build an authorization/authentication system > relying on the login-config.xml file of my jboss3.2.2 and the web.xml > and jboss-web.xml of my webapp ... > A least, i know i don't want another tier for now. > > May i have from this list some advices? URLs ? whatever may be useful > ... > > Thx, > ___[ Pub ]____________________________________________________________ Envie de discuter gratuitement avec vos amis ? Téléchargez Yahoo! Messenger http://yahoo.ifrance.com _____________________________________________________________________ Envie de discuter gratuitement avec vos amis ? Téléchargez Yahoo! Messenger http://yahoo.ifrance.com --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
