Configure a Modular Security Domain
Procedure 11.1. Modular Security Domain configuration Follow this procedure to configure a basic modular security domain deployment descriptor with two domains for EJB and web applications. Each domain uses the UsersRolesLoginModule for the authorization policy, however you are not limited to this login module when creating a modular security domain. Refer to Section 12.1, “Using Modules” for additional login modules shipped with JBoss Enterprise Application Platform. Create deployment descriptor You must create a deployment descriptor file to contain the security domain configuration. If you have already created a deployment descriptor for your application, you can skip this step and proceed to step 2. The filename takes the format [domain_name]-jboss-beans.xml. While the domain_name is arbitrary, you should choose a name that is meaningful to the application ensure the name of the deployment descriptor is unique across the server profile. The file must contain the standard XML declaration, and a correctly configured element. Define application policies Individual security domains are defined within the element. In the example below, two security domains are specified. Each authentication policy uses the same login module, and module parameters. Note Other login modules are available for use with the Enterprise Application Platform. For more information about the available login modules, refer to Section 12.1, “Using Modules” anonymous u.properties r.properties anonymous u.properties r.properties Deploy or package the deployment descriptor Move the deployment descriptor file to the jboss-as/server/$PROFILE/deploy directory of the required server profile in your installation. If you are distributing your application to a wider audience, package the deployment descriptor in the META-INF directory of the EJB Jar, or the WEB-INF directory of your web application (WAR).