Announcement Announcement Module
No announcement yet.
JBoss Portal & Acegi Page Title Module
Move Remove Collapse
This topic is closed
Conversation Detail Module
  • Filter
  • Time
  • Show
Clear All
new posts

  • JBoss Portal & Acegi

    I am thinking of using Acegi in a JBoss Portal to
    - Authenticate a user
    - Restrict access to accessing Portal Pages
    - Implement a fine-grained authorization within the portlets, which will be based on the Spring Portlet MVC framework

    Has anyone used Ageci for authentication and authorization within JBoss Portal?



  • #2
    I would try search for this, I'm pretty sure I've seen this brought up a few times.


    • #3
      The subject came up in a few posts but none of them is sufficient for me to understand how to integrate Acegi Security in the JBoss Portal . At the moment I am mainly interested in Authentication and retrieving the user roles as the basic coarse-grained Authorization for Portal Pages and Portlet Instance is sufficient for me to start with. At a later stage I would like to integrate Acegi Security into portlets for a more fine-grained authorization within a portlet.

      In the JBoss Portal you can change the Authentication by adding a new login-module for the portal in the login.config.xml in JBOSS_HOME/server/default/deploy/jboss-portla.sar/conf/ looks. A login-module has to implenent the interface. There a few existing implemenations e.g UsersRolesLoginModule or An Example:

      <application-policy name="portal">
      <login-module code="org.jboss.portal.identity.auth.IdentityLogin Module" flag="sufficient">
      <module-option name="unauthenticatedIdentity">guest</module-option>
      <module-option name="userModuleJNDIName">java:/portal/UserModule</module-option>
      <module-option name="roleModuleJNDIName">java:/portal/RoleModule</module-option>
      <module-option name="additionalRole">Authenticated</module-option>
      <module-option name="password-stacking">useFirstPass</module-option>
      <login-module code=" odule" flag = "required">
      <module-option name="usersProperties">props/</module-option>
      <module-option name="rolesProperties">props/</module-option>

      I noticed the org.acegisecurity.adapters.jboss.JbossAcegiLoginMo dule, which I assume implements the LoginModule interface. Can I use this module to integrate Acegi with the JBoss Portal? If yes how do I configure the login-module.xml?

      When securing a web application using Acegi I would configure authentication and authorization in a xml file e.g. the applicationContext-acegi-security.xml in the Acegi Security Tutorial Sample and the configuration for the Acegi Filter Chain Proxy to the web.xml of my web application. How would I configure authentication when Integrating Acegi in the JBoss Portal?

      Since JBoss Security is based on JAAS another option to integrate Acegi in JBoss Portal might to delegate authentication requests to the Java Authentication and Authorization Service (JAAS) (see Not sure if that would be a viable option and I would have to implement a JAAS AuthorityGranter.

      Best Regards,