红帽全球峰会此内容没有您所选择的语言版本。
Chapter 11. Deploying Security Domains
- Modular Security Domain
- A security domain deployment method, where the security domain declaration is included in a deployment descriptor . A modular security domain takes the form
*-jboss-beans.xml. It is included in theMETA-INFdirectory of EJB Jars, or theWEB-INFdirectory of web application (WAR). - Deployment Descriptor
- A declarative XML configuration file that describes the deployment settings of an application. The way an application is deployed can be changed within this file, eliminating the need to make changes to the underlying code of the application.
There are two ways of deploying a security domain in JBoss Enterprise Application Platform:
- Declare the security domain in the
jboss-as/server/$PROFILE/conf/login-config.xmlfile. - Create and deploy a modular security domain.
Procedure 11.1. Modular Security Domain configuration
Follow this procedure to configure a basic modular security domain deployment descriptor with two domains for EJB and web applications.
Each domain uses the
UsersRolesLoginModule for the authorization policy, however you are not limited to this login module when creating a modular security domain. Refer to Section 12.1, “Using Modules” for additional login modules shipped with JBoss Enterprise Application Platform.
Create deployment descriptor
You must create a deployment descriptor file to contain the security domain configuration.If you have already created a deployment descriptor for your application, you can skip this step and proceed to step 2.The file name takes the format[domain_name]-jboss-beans.xml. While the domain_name is arbitrary, you should choose a name that is meaningful to the application ensure the name of the deployment descriptor is unique across the server profile.The file must contain the standard XML declaration, and a correctly configured<deployment>element.Copy to Clipboard Copied! Toggle word wrap Toggle overflow Define application policies
Individual security domains are defined within the <deployment> element.In the example below, two security domains are specified. Each authentication policy uses the same login module, and module parameters.Note
Other login modules are available for use with the Enterprise Application Platform. For more information about the available login modules, refer to Section 12.1, “Using Modules”Copy to Clipboard Copied! Toggle word wrap Toggle overflow Deploy or package the deployment descriptor
Move the deployment descriptor file to thejboss-as/server/$PROFILE/deploydirectory of the required server profile in your installation.If you are distributing your application to a wider audience, package the deployment descriptor in theMETA-INFdirectory of the EJB Jar, or theWEB-INFdirectory of your web application (WAR).
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}