This section provides the following tasks required to protect Web Applications with the JBoss Agent. Before beginning this section, deploy the application as usual.
You copy Jboss Agent registration artifacts from the AdminServer to the JBoss host and create a filter configuration properties file that is referenced later. The JBoss Agent relies on the 11g Java ASDK which operates in the same mode as the registered JBoss Agent.
The JBoss Agent requires a configuration file (oam_config.properties) that defines a number of critical properties. These include the file system path to the agent's registration artifact (ObAccessClient.xml
), the security domain defined in the JBoss server's login configuration file, parameters and values that return to the JBoss Agent during authentication, and an optional attribute to check for the presence of authToken
in the request. Use this procedure to create a configuration properties file for the JBoss Agent.
You can configure the Authentication Valve in one of the two ways that is best suited to your environment.
Note:
This procedure is not needed if you are Preparing Your Environment for JBoss 6.x Integration as the Valve is not currently supported at the Global level.
To configure the Authentication Valve:
Adding the Authentication Valve to context.xml: This global configuration causes the Authentication Valve to intercept all requests to the JBoss Agent.
Adding the Authentication Valve to the Application's Deployment: Rather than adding the Authentication Valve to context.xml for global use, you can add a context.xml as part of the application's deployment. This configuration affects only the concerned application (the Authentication Valve intercepts requests coming only to this specific application).
You can add the Authentication Valve to context.xml.
You can add filter mapping for this integration to the application's web.xml
.
You also add the name of the filter's configuration properties file.
This procedure describes the required login module entry for JBoss to use Access Manager policies. After you add filter mapping to web.xml, you redeploy the application and start the JBoss Server.
Note:
Starting JBoss Server using -b 0.0.0.0 allows the user to access the server by the host name rather than localhost / 127.0.0.1
. Without this parameter, JBoss Server can be accessed using localhost / 127.0.0.1
as well as the host name.