jboss 安全控制

1.web.xml配置

<web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://java.sun.com/xml/ns/javaee 
    http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
    <welcome-file-list>
        <welcome-file>index.jsp</welcome-file>
    </welcome-file-list>

    <security-constraint>
        <web-resource-collection>
            <web-resource-name>All resources</web-resource-name>
            <description></description>
            <url-pattern>/*</url-pattern>
        </web-resource-collection>
        <auth-constraint>
            <role-name>myrole</role-name>
        </auth-constraint>
    </security-constraint>
    <security-role>
        <role-name>myrole</role-name>
    </security-role>
    <login-config>  
  <auth-method>BASIC</auth-method>  
  <realm-name>Authorized access only.</realm-name>  
 </login-config> 
</web-app>

二、jboss-web.xml配置

在WebRoot\WEB-INF目录下创建jboss-web.xml

<jboss-web>
    <security-domain>java:/jaas/myappname</security-domain>
</jboss-web>

这里的myappname 不一定是工程名,需要第三步做关联

三、login-config.xml  配置

jboss/server/default/conf/login-config.xml  

<policy>
....
<!-- application policy for myappname -->
<application-policy name="myappname">
 <authentication>
  <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="required">
   <module-option name="usersProperties">props/users.properties</module-option>
   <module-option name="rolesProperties">props/roles.properties</module-option>
  </login-module>
 </authentication>
</application-policy>
</policy>

四、props下配置文件

明显需要在server\default\conf\props下创建

users.properties

draem0507=123456

roles.properties

draem0507=myrole

敲入工程地址

输入draem0507/123456

顺利进入界面