NonStop Servlets for JavaServer Pages (5.0) System Administrator's Guide
Configuring NSJSP
NonStop Servlets for JavaServer Pages (NSJSP) System Administrator’s Guide—525644-002
3-41
JAASRealm
* Safeguard Alias E.g. root
*
*/
NonStopUserDB {
com.tandem.servlet.jaas.NonStopLoginModule REQUIRED debug=false;
};
If you use the NonStopLoginModule, then the user name may be specified in any
of the following forms:
Nonstop User Name: SUPER.WEBMSTR
Nonstop Group,User: 255,20
Nonstop User ID: 65305
Safeguard Alias: webman
On successful authentication of Nonstop users (and optionally Safeguard aliases if
Safeguard has been configured), the NonStopLoginModule returns the groups the
user or alias belongs to, in addition to the actual Nonstop user name as the roles
that are granted to the authenticated Nonstop user.
For example, if the Safeguard alias "webman" (for NonStop user
SUPER.WEBMSTR) is configured as belonging to groups SUPER, SOFTWARE
and WEB, then on successful authentication, the roles returned for the "webman"
alias are:
SUPER
SOFTWARE
WEB
SUPER.WEBMSTR (the actual NonStop user name)
4. Configure the security-constraints in your web applications' deployment
descriptors(modify the web application's web.xml for the resources you want to
protect). For example, update your application’s web.xml to allow “SUPER” and
“SYSSW” NonStop user group to access your application:
:
:
<security-constraint>
<web-resource-collection>
<web-resource-name>My Appl's Secure Pages</web-resource-name>
<description>Security constraint for resources in the secure
directory</description>
<url-pattern>/secure/*</url-pattern>
<http-method>POST</http-method>
<http-method>GET</http-method>
</web-resource-collection>
<auth-constraint>
<description>only let the system user login </description>
<role-name>SYSSW</role-name>
<role-name>SUPER</role-name>
</auth-constraint>
</security-constraint>
:
:
<login-config>
<auth-method>BASIC</auth-method>
</login-config>