Yubico Forum
https://forum.yubico.com/

login module for jboss7
https://forum.yubico.com/viewtopic.php?f=5&t=743
Page 1 of 1

Author:  fiorenzino [ Mon Jan 09, 2012 4:57 pm ]
Post subject:  login module for jboss7

Hi to all,

i would use java client yubico on jboss 7 to protect my web application.

I found in git, the yubico java client, but i don't know how configure jboss to use jaas versione and i don't knox if the code is usefull or i must reconfigure this.

I think i need some help to accomplish following steps:

1) create module folder with jar in jboss:
in jboss-as-7.0.2.Final/modules/com/yubico:
slf4j-api-1.6.1.jar
commons-codec-1.4.jar
vt-ldap-3.3.3.jar
commons-cli-1.2.jar
commons-logging-1.1.1.jar
dom4j-1.6.1.jar

and a module.xml like this:
<?xml version="1.0" encoding="UTF-8"?>
<module xmlns="urn:jboss:module:1.0" name="org.jasig.cas">
<resources>
<resource-root path="slf4j-api-1.6.1.jar"/>
<resource-root path="commons-codec-1.4.jar"/>
<resource-root path="vt-ldap-3.3.3.jar"/>
<resource-root path="commons-cli-1.2.jar"/>
<resource-root path="commons-logging-1.1.1.jar"/>
<resource-root path="dom4j-1.6.1.jar"/>
</resources>

<dependencies>
<module name="javax.api"/>
<module name="org.apache.commons.logging"/>
<module name="javax.security.auth.message.api"/>
<module name="javax.security.jacc.api"/>
<module name="javax.transaction.api"/>
<module name="javax.xml.bind.api"/>
<module name="javax.xml.stream.api"/>
<module name="org.jboss.common-core"/>
<module name="org.jboss.logging"/>
<module name="org.infinispan"/>
<module name="org.jboss.as.web"/>
<module name="javax.servlet.api"/>
<module name="org.picketbox"/>
</dependencies>
</module>
2) how declaring in standalone.conf some like this:
<security-domain name="TestYUBICO">
<authentication>
<login-module code="com.yubico.jaas.YubikeyLoginModule" flag="required">
<module-option name="password-stacking" value="useFirstPass"/>
</login-module>
</authentication>
</security-domain>

3) a jboss-web file like this:
<?xml version="1.0" encoding="UTF-8"?>
<jboss-web>
<security-domain>TestYUBICO</security-domain>
</jboss-web>
3) a web page to use in web application login page

<form method="POST" action="j_security_check">
Name:<INPUT TYPE=TEXT NAME="j_username" VALUE="" SIZE=15>
Password:<INPUT TYPE=PASSWORD NAME="j_password" VALUE="" SIZE=15>
Token:<INPUT TYPE=PASSWORD NAME="totp" VALUE="" SIZE=100>
<INPUT TYPE=submit VALUE="validate">
</form>


I think is useful to follow the jboss example on use otp:
http://community.jboss.org/wiki/OTPInte ... tionServer


Can someone halp me?

Thanks en advance

Fiorenzo

Author:  Fredrik-at-Yubico [ Tue Mar 06, 2012 11:21 am ]
Post subject:  Re: login module for jboss7

We do not have configuration examples showing how to use JAAS with JBoss. I would recommend searching the Internet for "jaas jboss" and similar. Using Google, that turns up a wealth of information - for example https://community.jboss.org/wiki/SecurityJAASLoginModule looks informative.

/Fredrik

Page 1 of 1 All times are UTC + 1 hour
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/