Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <https-listener name="https" socket-binding="https" security-realm="ApplicationRealm" enable-http2="true"/>
- <security-realm name="ApplicationRealm">
- <server-identities>
- <ssl>
- <keystore path="ssl/server.jks" relative-to="jboss.server.config.dir" keystore-password="secret" alias="server" key-password="secret"/>
- </ssl>
- </server-identities>
- <authentication>
- <truststore path="/cert-auth/server/ServerTruststore.jks" relative-to="jboss.server.config.dir" keystore-password="secret"/>
- <local default-user="$local" allowed-users="*" skip-group-loading="true"/>
- <properties path="application-users.properties" relative-to="jboss.server.config.dir"/>
- </authentication>
- </security-realm>
- <security-domain name="client_cert_domain" cache-type="default">
- <authentication>
- <login-module code="CertificateRoles" flag="required">
- <module-option name="password-stacking" value="useFirstPass"/>
- <module-option name="verifier" value="org.jboss.security.auth.certs.AnyCertVerifier"/>
- <module-option name="securityDomain" value="client_cert_domain"/>
- <module-option name="rolesProperties" value="file:${jboss.server.config.dir}/application-roles.properties"/>
- </login-module>
- <login-module code="Identity" flag="required">
- <module-option name="password-stacking" value="useFirstPass"/>
- <module-option name="roles" value="default"/>
- </login-module>
- </authentication>
- <jsse keystore-password="secret" keystore-url="file:${jboss.server.config.dir}/cert-auth/server/ServerKeystore.jks" truststore-password="secret" truststore-url="file:${jboss.server.config.dir}/cert-auth/server/ServerTruststore.jks" client-auth="true"/>
- </security-domain>
- <?xml version="1.0" encoding="UTF-8"?>
- <jboss-web version="10.0"
- xmlns="http://www.jboss.com/xml/ns/javaee"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://www.jboss.com/xml/ns/javaee http://www.jboss.org/j2ee/schema/jboss-web_10_0.xsd">
- <context-root>cert-auth</context-root>
- <security-domain>client_cert_domain</security-domain>
- </jboss-web>
- <web-app version="2.4" xmlns="http://java.sun.com/xml/ns/j2ee"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
- <security-constraint>
- <display-name>SSL Authentication Constraint</display-name>
- <web-resource-collection>
- <web-resource-name>all</web-resource-name>
- <url-pattern>/secured/*</url-pattern>
- </web-resource-collection>
- <auth-constraint>
- <role-name>default</role-name>
- </auth-constraint>
- </security-constraint>
- <security-role>
- <role-name>default</role-name>
- </security-role>
- <login-config>
- <auth-method>CLIENT-CERT</auth-method>
- <realm-name>client_cert_domain</realm-name>
- </login-config>
- <servlet-mapping>
- <servlet-name>javax.ws.rs.core.Application</servlet-name>
- <url-pattern>/*</url-pattern>
- </servlet-mapping>
- </web-app>
Add Comment
Please, Sign In to add comment