Raible's Wiki
Raible Designs AppFuseHomepage- Korean - Chinese - Italian - Japanese QuickStart Guide User Guide Tutorials Other ApplicationsStruts ResumeSecurity Example Struts Menu
Set your name in
UserPreferences
Referenced by
JSPWiki v2.2.33
Hide Menu |
This is version 12.
It is not the current version, and thus it cannot be edited. NEW! For an uptodate AppFuse on JBoss HowTo, see Ken Yee's blog. This is a quick-n-dirty howto for setting up AppFuse on JBoss. Contributed by Rick Hightower, who does Struts Training and Consulting. AppFuse SecuritySetting up AppFuse security in JBoss I was surprise how easy it was. <application-policy name = "appfuse"> <authentication> <login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule" flag = "required"> <module-option name = "dsJndiName">jdbc/mysql</module-option> <module-option name = "principalsQuery"> select password from app_user where username=? </module-option> <module-option name = "rolesQuery"> select role_name, 'Roles' from user_role where username=? </module-option> </login-module> </authentication> </application-policy> It took me less time to setup Security than it did for me to setup logging. (Which is a bit of a nightmare!) The above assumes you have a database driver mapped under jdbc/mysql. Create DS file as follows, and put it in the deploy dir: (C:\tools\jboss-3.2.3\server\default\deploy/mysql-ds.xml) <datasources> <local-tx-datasource> <jndi-name>jdbc/mysql</jndi-name> <connection-url>jdbc:mysql://localhost:3306/mysql</connection-url> <driver-class>com.mysql.jdbc.Driver</driver-class> <user-name>root</user-name> <password></password> </local-tx-datasource> </datasources> The login security stuff goes in the config directory of the server, e.g., C:\tools\jboss-3.2.3\server\default\conf\login-config.xml. I attached the login-config.xml file. Note the name has to be the name of your war (appfuse.war = appfuse). In reality, it has to be the name of the web context, but since my web context and war file name are the same it works. mysql-ds.xml has to be in the deploy dir, e.g., C:\tools\jboss-3.2.3\server\default\deploy\mysql-ds.xml. (The war file goes into the deploy dir as well). WARNING:JBoss holds onto the cache of users and roles. So if you changed a users role, they would not be able to see it for 1/2 an hour. I subclassed UserManagerImpl, and created a version specific to JBoss, then I changed UserManagerImpl to use a stub method called flushAuthCache. UserManagerJBossSpecific invalidates the user cache using JMX. JBoss is pretty cool! Since I am using Spring. I did not have to change any other code in the system. Just one configuration file! Spring change: <bean id="userManager" class="org.appfuse.webapp.service.UserManagerJBossSpecific"> <property name="userDAO"><ref local="userDAO"/></property> </bean> LoggingSetting up logging is a pain in JBoss. Don't mess with the console log... it misbehaves. Create a file logger and tail it. Here is my log4j.xml file (which has to be in the conf dir like the login-config.xml). I just tail -f the log file. JBoss 4.0 Changes to AppFuse Security InstructionsContributed by Josh SentsIn the login-config.xml change <module-option name = "dsJndiName">jdbc/mysql</module-option>To <module-option name = "dsJndiName">java:/jdbc/mysql</module-option> Create a WEB-INF/jboss-web.xml file inside Appfuse.jar with the following contents <?xml version="1.0" encoding="UTF-8" ?> <jboss-web> <context-root>/appfuse</context-root> <resource-ref> <res-ref-name>jdbc/mysql</res-ref-name> <res-type>javax.sql.DataSource</res-type> <jndi-name>java:jdbc/mysql</jndi-name> </resource-ref> <security-domain>java:/jaas/appfuse</security-domain> </jboss-web> Attachments:
|