4.5. Configure a Web Application to use an Authenticator Valve
web.xmldeployment descriptor of the application to be configured. In the simplest case, the
web.xmlconfiguration is the same as using
BASICauthentication except the
auth-methodchild element of
login-configis set to the name of the valve performing the configuration.
- Authentication valve must already be created.
- If the authentication valve is a global valve then it must already be installed and configured, and you must know the name that it was configured as.
- You need to know the realm name of the security realm that the application will use.
Procedure 4.2. Configure an Application to use an Authenticator Valve
Configure the valveWhen using a local valve, it must be configured in the applications
jboss-web.xmldeployment descriptor. Refer to Section 4.4, “Configure a Web Application to use a Valve”.When using a global valve, this is unnecessary.
Add security configuration to web.xmlAdd the security configuration the the web.xml file for your application, using the standard elements such as security-constraint, login-config, and security-role. In the login-config element, set the value of auth-method to the name of the authenticator valve. The realm-name element also needs to be set to the name of the JBoss security realm being used by the application.
<login-config> <auth-method>VALVE_NAME</auth-method> <realm-name>REALM_NAME</realm-name> </login-config>