Red Hat Training
A Red Hat training course is available for Red Hat JBoss Enterprise Application Platform
4.5. Configure a Web Application to use an Authenticator Valve
Configuring an application to use an authenticator valve requires the valve to be installed and configured (either local to the application or as a global valve) and the
web.xmldeployment descriptor of the application to be configured. In the simplest case, the
web.xmlconfiguration is the same as using
BASICauthentication except the
auth-methodchild element of
login-configis set to the name of the valve performing the configuration.
- Authentication valve must already be created.
- If the authentication valve is a global valve then it must already be installed and configured, and you must know the name that it was configured as.
- You need to know the realm name of the security realm that the application will use.
If you do not know the valve or security realm name to use, ask your server administrator for this information.
Procedure 4.2. Configure an Application to use an Authenticator Valve
Configure the valveWhen using a local valve, it must be configured in the application's
jboss-web.xmldeployment descriptor. See Section 4.4, “Configure a Web Application to use a Valve”.When using a global valve, this is not necessary.
Add security configuration to web.xmlAdd the security configuration to the
web.xmlfile for your application, using the standard elements such as
security-role. In the
login-configelement, set the value of
auth-methodto the name of the authenticator valve. The realm-name element must also be set to the name of the JBoss security realm being used by the application.
<login-config> <auth-method>VALVE_NAME</auth-method> <realm-name>REALM_NAME</realm-name> </login-config>
When the application is deployed, the authentication of requests is handled by the configured authentication valve.