Page History
...
- Add CommonsGridLoginModule to JAAS login module (security-config.xml)
- requires
nci-commons-core
version 1.2.4 or greater see http://maven.5amsolutions.com/archiva/browse/com.fiveamsolutions/nci-commons-core - requires
jbosssx.jar
as runtime dependency to handle decryption of encrypted pre-shared key withinCommonsGridLoginModule
class. Typically included with JBoss by default, please verify.Code Block xml xml title Add to JAAS Login Module (security-config.xml) <login-module code="com.fiveamsolutions.nci.commons.authentication.CommonsGridLoginModule" flag="optional"> <module-option name="gridServicePrincipal">${gridServicePrincipal}</module-option> <module-option name="gridServiceCredential">${gridServiceCredential}</module-option> <module-option name="gridServicePrincipalSeparator">||</module-option> </login-module>
- Define gridServicePrincipal & gridServiceCredential properties within appropriate properties file so that the login module configuration file is properly configured as a part of the build and deployment process for your application
The unencrypted value forCode Block xml xml title Example snippet to add Maven2 properties <gridServicePrincipal>Gr1DU5er</gridServicePrincipal> <gridServiceCredential>ltHZmZ1rqYq8j2uyHEABIQ==</gridServiceCredential>
ltHZmZ1rqYq8j2uyHEABIQ==
isPa44Wurd
- requires
- Introduce a new grid service instance CSM Group
Update the application name'po'
to your application's nameCode Block sql sql title Sample SQL for Postgres to define a new CSM Group INSERT INTO CSM_GROUP (GROUP_NAME, GROUP_DESC, APPLICATION_ID) VALUES ('gridClient', 'Grid Service Invocation Group', (select application_id from csm_application where application_name = 'po'));
- Update @Remote EJBs endpoints to allow the new CSM Group using the @RolesAllowed annotation
Code Block java java title Example with only grid access @RolesAllowed("gridClient") public void myRemoteEndpointMethod() { ... }
Code Block java java title Example granting both grid and web clients access @RolesAllowed({"webClient","gridClient"}) public void myRemoteEndpointMethod() { ... }
...