jGuard and Application servers

Overview

jGuard requires that the jGuard-jvm-x.xx.jar archive should be placed on a "shared lib" directory to be shared across multiple web applications. these tests have been done with the jGuardExample webapp provided in the jGuard distribution.

jBoss

  • jGuard 0.80 has been successfully tested with jBoss 4.0.3
    • Be sure that 'includeOldConfig' in your jguard xml configuration is set to "true".
    • Edit in your jboss JBOSS_HOME/server/ZZZ/conf/login-config.xml
    • Add this in the policy markup:
<application-policy name="jGuardExample"> 
<authentication> 
<login-module code="org.jboss.security.auth.spi.ProxyLoginModule" flag="required" /> 
</authentication> 
</application-policy>
You will have some errors in the log because UsersRolesLoginModule in not configured but it has no consequences on your applications.
  • jGuard 0.70 alpha 2 has been succesfully tested on jBoss 4.03 with SUN's JDK 1.5.0_04.
the jGuard-jvm-x.xx.jar should be placed in the {JBOSS_HOME}/server/default/lib directory. jGuardExample.war archive has been placed in the {JBOSS_HOME}/server/default/deploy directory.

  • jGuard 0.70 alpha 2 has been succesfully tested on jBoss 3.2.7 with SUN's JDK 1.5.0_04.
the jGuard-jvm-x.xx.jar should be placed in the {JBOSS_HOME}/server/default/lib directory. jGuardExample.war archive has been placed in the {JBOSS_HOME}/server/default/deploy directory. in the jBoss 3.x.x series,application server is configured to used by default the UnifiedClassLoader which is not j2ee compliant.jGuard requires that you configure JBoss to use classloaders in a j2ee compliant manner: open the file called jboss-service.xml located in the ${JBOSS_HOME}/server/default/deploy/jbossweb-tomcat50.sar/META-INF/ directory. locate the attribute called UseJBossWebLoader and change its value from true to false.

  • For a successful deployment of jGuardExample.war version 0.65.5 on JBoss 3.2.7, it is necessary to set the login module to "org.jboss.security.auth.spi.ProxyLoginModule" (with all options reported in web.xml) as application policy for "jGuardExample".This setting overrides the default application policy, that uses the "org.jboss.security.auth.spi.UsersRolesLoginModule"

jetty.gif jetty

jGuard 0.70 alpha 2 has been succesfully tested on jetty 5.1.5 with SUN's JDK 1.5.0_04. the jGuard-jvm-x.xx.jar should be placed in the {JETTY_HOME}/ext directory. jGuardExample.war archive has been placed in the {JETTY_HOME}/webapps directory.

tomcat.gif Tomcat

jGuard 0.70 alpha 2 has been succesfully tested on tomcat 4.1.31 with SUN's JDK 1.4.2 and tomcat 5.5.9 with SUN's JDK 1.5.0_04. the jGuard-jvm-x.xx.jar should be placed in the {TOMCAT_HOME}/shared/lib directory. jGuardExample.war archive has been placed in the {TOMCAT_HOME}/webapps directory.

OC4J

jGuard 0.70 beta 1 has been succesfully tested on OC4J with SUN's JDK 1.5.0_04. to deploy a war archive on it, you can configure the default application shipped with OC4J. to use it (the following steps are extracted from the OC4J FAQ), you have to:

~~tell the container about the WAR file to be deployed. open the /config/application.xml file in a editor. add a new tag and specify the attributes for your WAR file. 

<web-module id="jGuardExample" path="../../home/applications/jGuardExample.war" />
secondly, tell the OC4J HTTP server about the new WAR file and provide a URL to access it.

open the /config/http-web-site.xml in an editor. Add a new tag and specify the attributes for your new web module. it's important to note that the application attribute must specified as "default" since you have deployed your Web module to the default application.the name attribute should match the ID attribute you specified for the Web module. 

<web-app application="default" name="jGuardExample" root="/jGuardExample" access-log="false" />
the WAR file will now be deployed by OC4J and accessible using a URL of /jGuardExample.~~

Resin

jGuard 0.70 beta 2 has been succesfully tested on resin pro 3.0.15 with SUN's JDK 1.5.0_04.

The jGuard-jvm-x.xx.jar should be placed in the {RESIN_HOME}/lib directory.

jGuardExample.war archive has been placed in the {RESIN_HOME}/webapps directory.

If you use databases for authentication or authorization, you need to put required 3nd libraries (jdbc drivers), in the {RESIN_HOME}/lib directory.

Jonas

jGuard 0.70 beta 2 has been succesfully tested on Jonas 4.5.3 with SUN's JDK 1.5.0_04 (embedding tomcat) . the jGuard-jvm-x.xx.jar should be placed in the {JONAS_HOME}/lib/apps directory.

jGuardExample.war archive has been uploaded and deployed with the administration webapp JonasAdmin (http://127.0.0.1:9000/jonasAdmin/ with default login/password => jonas/jonas)

another way to install the war is to put jGuardExample.war archive in the ~~$JONAS_HOME}/webapps ~~ directory.

Websphere

jGuard 0.64 has been successfully tested on Websphere 5.1 (yes, it's an old jGuard release...), with the advanced configuration: WAS_HOME/properties/wsjaas.conf and WAS_HOME/properties/wsjaas_client.conf has been modified to use jGuard.

Since the 'easy' configuration (jGuard is set by the AccessFilter at runtime) method was not present on the 0.64 release, we have no feedback with it.

Weblogic

jGuard 0.65.5 has been successfully tested on Weblogic 9.0, with the advanced configuration: the java.security configuration file has been modified to use jGuard. There is no feedback about configure jGuard with weblogic at runtime (the "easy" way).

other application servers

jGuard will be tested on other application servers. If you have tested it on one specific application server, or if you have some difficulties installing jGuard, contact us!

last modified by RaffaelloPelagalli on 28/09/2006 at 16:54
Menu

 
Creator: Charles Gay on 2006/02/09 14:32
jGuard team copyright 2004-2009
1.4.1.14796