XMLLoginModule

Last modified by RaffaelloPelagalli on 2005/09/30 19:37

XMLLoginModule

Description

This loginModule permits a XML file-based authentication for your web application.

parameters

namemandatoryvaluesdescriptionexample
debugnotrue or falseThis optional parameter, when set to true, activate the debug mode (provide more logs to detect easily misconfiguration). 
fileLocationyesThe location must begin with the "file:///" prefix. You should also use the "${java.home}" and the ${/} variables to have a more flexible configurationThis mandatory parameter indicate the location of the XML users and roles repository file. The corresponding DTD (jGuardUsersRoles_x.xx.dtd), must be in the same directory.fileLocation=
"file:///${java.home}
{/}lib${/}security${/}
jGuardUsersRoles.xml";
digestAlgorithmnoNONE(default value) or a MessageDigest algorithm like MD5, SHA or any supported algorithm on your platform. Standard algorithm names can be reached in the Java Cryptography Architecture API Specification & Reference.this optional parameter defines the crypting algorithm on datas. 

usual configuration in the web.xml file

....
....
 <init-param>
            <param-name>loginModules</param-name>
            <param-value>net.sf.jguard.loginmodules.XmlLoginModule</param-value>
            <description>loginModules used for authentication, and splitted with the ',' character</description>
        </init-param>
        <init-param>
            <param-name>net.sf.jguard.loginmodules.XmlLoginModule.Flag</param-name>
            <param-value>REQUIRED</param-value>
            <description>flag corresponding to the first loginModule. each loginModule defined
            above must have his own Flag which can be 'REQUIRED','OPTIONAL','REQUISITE',
            or 'SUFFICIENT'</description>
        </init-param>
        <init-param>
            <param-name>net.sf.jguard.loginmodules.XmlLoginModule.Options</param-name>
            <param-value>debug="false",fileLocation="WEBAPP_HOME/WEB-INF/conf/jGuard/jGuardUsersRoles.xml"</param-value>
            <description>options related to one of the loginModule defined in the 'loginModules' init parameters</description>
        </init-param>
....
....

jGuard.loginScheme example (advanced configuration)

below is an appConfigurationEntry example of a webapp configured with a XmlLoginModule.

myApplication{

net.sf.jguard.loginmodules.XmlLoginModule required debug="true" fileLocation="file:///${java.home}${/}lib${/}security${/}jGuardUsersRoles.xml";

};

We recommand to place the jGuard.loginScheme file in your ${java.home}/lib$/security/, to regroup all security files in one place.

jGuardUsersRoles.xml

description

This XML file contains all the users and roles informations of your webapp. It respects the jGuard DTD (jGuardUsersRoles_x.xx.dtd).

tags

roles

The first part of the file () contains roles declarations. Each role () must have an unique name in the file. A role is linked with only one application also. So, a user with the right role name, but the wrong application name will not have the corresponding role permissions.

users

The second part of the configuration file (), contains users declarations. Each user () has got a private credentials () , public credentials (), and references corresponding to declared roles ().

example

<?xml version="1.0" encoding="ISO-8859-1" standalone="no"?>
<!DOCTYPE usersRoles SYSTEM "jGuardUsersRoles_0.63.dtd">
<usersRoles>
  <roles>
      <role>
        <name>admin</name>
        <applicationName>jGuardExample</applicationName>
      </role>
      <role>
        <name>guest</name>
        <applicationName>jGuardExample</applicationName>
      </role>
      <role>
        <name>role3</name>
        <applicationName>anotherApplication</applicationName>
      </role>
  </roles>
  <users>
      <user>
     <privateCredentials>
       <credential>
          <id>login</id>
          <value>admin</value>
       </credential>
       <credential>
          <id>password</id>
          <value>admin</value>
       </credential>
     </privateCredentials>
     <publicCredentials>
       <credential>
          <id>name</id>
          <value>toto</value>
       </credential>
       <credential>
          <id>job</id>
          <value>ITManager</value>
       </credential>
     </publicCredentials>
     <rolesRef>
          <roleRef name="admin"/>
          <roleRef name="role3"/>
     </rolesRef>
   </user>
   <user>
   <privateCredentials>
   <credential>
        <id>login</id>
        <value>guest</value>
   </credential>
   <credential>
        <id>password</id>
        <value>guest</value>
   </credential>
   </privateCredentials>
<publicCredentials/>
        <rolesRef>
          <roleRef name="guest"/>
        </rolesRef>
      </user>
  </users>
</usersRoles>
Tags:
Created by diabolo512 on 2005/09/30 19:01

jGuard team copyright 2004-2009
3.1.1