This article will cover setting up JAAS with the existing jmx-console security policy.

Open up components.xml and change the default:

<security:identity authenticate-method="#{authenticator.authenticate}"/>

to:

<security:identity jaas-config-name="jmx-console" remember-me="true"/>

Remember that authenticate-method and jaas-config-name are mutually exclusive: if you set one, you can't set the other. Setting jaas-config-name to jmx-console tells Seam to authenticate against the following security policy in JBoss:

<!-- A template configuration for the jmx-console web application. This
      defaults to the UsersRolesLoginModule the same as other and should be
      changed to a stronger authentication mechanism as required.
-->
    <application-policy name = "jmx-console">
       <authentication>
          <login-module code=""
             flag = "required">
           <module-option name="usersProperties">props/</module-option>
           <module-option name="rolesProperties">props/</module-option>
          </login-module>
       </authentication>
    </application-policy>

Where the is:

# A sample file for use with the UsersRolesLoginModule

And is:

# A sample file for use with the UsersRolesLoginModule

Now deploy your project, go to the home page and log in with admin/admin. You'll see:

Welcome, admin 

That was simple enough. Now let's see whether the roles are there. On the home.seam page add:

    <f:facet name="header">Security information</f:facet>
    Identity principal: #{identity.principal} <br />
    Identity subject: #{identity.subject} <br />
    <h:outputText value="Display when user has the JBossAdmin role" rendered="#{s:hasRole('JBossAdmin')}" /> <br />
    <h:outputText value="Display when user has the Employee role (which isn't defined)" rendered="#{s:hasRole('Employee')}" />

Redeploy or re-explode, log in again on the home page if necessary, and you will now see:

Identity principal: admin
Identity subject: Subject: Principal: admin Principal: Roles(members:JBossAdmin,HttpInvoker)
Display when user has the JBossAdmin role
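
The policy's own comment says the UsersRolesLoginModule default should be replaced with something stronger, and the login above succeeds with admin/admin. As an added example (not part of the original article, Seam or JBoss), this Python script audits a users/roles properties pair for passwords that equal the username or sit on a short weak list. The file contents, the extra accounts and the weak-password list are constructed assumptions.

```python
import re

# Illustrative weak-password list (assumption, extend for real audits).
WEAK_PASSWORDS = {"admin", "password", "changeit", "123456"}

# Constructed sample data in the user=password / user=role1,role2 layout.
SAMPLE_USERS = """\
# constructed users file
admin=admin
deploy=t7Rw-94kLpz
monitor=monitor
"""
SAMPLE_ROLES = """\
# constructed roles file
admin=JBossAdmin,HttpInvoker
deploy=JBossAdmin
"""


def parse_properties(text):
    """Parse the simple key=value / key:value subset of Java .properties."""
    entries = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(("#", "!")):  # blank line or comment
            continue
        parts = re.split(r"\s*[=:]\s*", line, maxsplit=1)
        if len(parts) == 2:
            entries[parts[0]] = parts[1]
    return entries


def audit(users_text, roles_text):
    """Return weak-credential findings, accounts with the most roles first."""
    users = parse_properties(users_text)
    roles = parse_properties(roles_text)
    findings = []
    for user, password in users.items():
        reasons = []
        if not password:
            reasons.append("empty password")
        if password.lower() == user.lower():
            reasons.append("password equals username")
        if password.lower() in WEAK_PASSWORDS:
            reasons.append("password on weak-password list")
        if reasons:
            held = [r.strip() for r in roles.get(user, "").split(",") if r.strip()]
            findings.append({"user": user, "roles": held, "reasons": reasons})
    return sorted(findings, key=lambda f: len(f["roles"]), reverse=True)


if __name__ == "__main__":
    for f in audit(SAMPLE_USERS, SAMPLE_ROLES):
        print(f["user"], f["roles"], "; ".join(f["reasons"]))
```

Run it against the two properties files the policy points at before exposing the application; any finding that holds JBossAdmin is the first one to fix.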

From this point, you can begin integrating other JAAS security policies and writing your own.