config/jboss/conf/login-config.xml - tapestry3 - Git at Google

 <?xml version='1.0'?>
 <!DOCTYPE policy PUBLIC
       "-//JBoss//DTD JBOSS Security Config 3.0//EN"
       "http://www.jboss.org/j2ee/dtd/security_config.dtd">

 <!-- The XML based JAAS login configuration read by the
 org.jboss.security.auth.login.XMLLoginConfig mbean. Add
 an application-policy element for each security domain.

 The outline of the application-policy is:
 <application-policy name="security-domain-name">
   <authentication>
     <login-module code="login.module1.class.name" flag="control_flag">
       <module-option name = "option1-name">option1-value</module-option>
       <module-option name = "option2-name">option2-value</module-option>
       ...
     </login-module>

     <login-module code="login.module2.class.name" flag="control_flag">
       ...
     </login-module>
     ...
   </authentication>
 </application-policy>

 $Revision$
 -->

 <policy>
     <!-- Used by clients within the application server VM such as
     mbeans and servlets that access EJBs.
     -->
     <application-policy name = "client-login">
        <authentication>
           <login-module code = "org.jboss.security.ClientLoginModule"
              flag = "required">
           </login-module>
        </authentication>
     </application-policy>

     <!-- Security domain for JBossMQ -->
     <application-policy name = "jbossmq">
        <authentication>
           <login-module code = "org.jboss.mq.sm.file.DynamicLoginModule"
              flag = "required">
              <module-option name = "unauthenticatedIdentity">guest</module-option>
 	     <module-option name = "sm.objectname">jboss.mq:service=StateManager</module-option>
           </login-module>
        </authentication>
     </application-policy>

     <!-- Security domains for testing new jca framework -->
     <application-policy name = "HsqlDbRealm">
        <authentication>
           <login-module code = "org.jboss.resource.security.ConfiguredIdentityLoginModule"
              flag = "required">
              <module-option name = "principal">sa</module-option>
              <module-option name = "userName">sa</module-option>
              <module-option name = "password"></module-option>
              <module-option name = "managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=hsqldbDS</module-option>
           </login-module>
        </authentication>
     </application-policy>

     <application-policy name = "FirebirdDBRealm">
        <authentication>
           <login-module code = "org.jboss.resource.security.ConfiguredIdentityLoginModule"
              flag = "required">
              <module-option name = "principal">sysdba</module-option>
              <module-option name = "userName">sysdba</module-option>
              <module-option name = "password">masterkey</module-option>
              <module-option name = "managedConnectionFactoryName">jboss.jca:service=XaTxCM,name=FirebirdDS</module-option>
           </login-module>
        </authentication>
     </application-policy>

     <application-policy name = "JmsXARealm">
        <authentication>
           <login-module code = "org.jboss.resource.security.ConfiguredIdentityLoginModule"
              flag = "required">
              <module-option name = "principal">guest</module-option>
              <module-option name = "userName">guest</module-option>
              <module-option name = "password">guest</module-option>
              <module-option name = "managedConnectionFactoryName">jboss.jca:service=XaTxCM,name=jmsra</module-option>
           </login-module>
        </authentication>
     </application-policy>

     <!-- A template configuration for the jmx-console web application. This
       defaults to the UsersRolesLoginModule the same as other and should be
       changed to a stronger authentication mechanism as required.
     -->
     <application-policy name = "jmx-console">
        <authentication>
           <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
              flag = "required" />
        </authentication>
     </application-policy>

     <!-- The default login configuration used by any security domain that
     does not have a application-policy entry with a matching name
     -->
     <application-policy name = "other">
        <!-- A simple server login module, which can be used when the number
        of users is relatively small. It uses two properties files:
        users.properties, which holds users (key) and their password (value).
        roles.properties, which holds users (key) and a comma-separated list of
        their roles (value).
        The unauthenticatedIdentity property defines the name of the principal
        that will be used when a null username and password are presented as is
        the case for an unuathenticated web client or MDB. If you want to
        allow such users to be authenticated add the property, e.g.,
        unauthenticatedIdentity="nobody"
        -->
        <authentication>
           <login-module code = "org.jboss.security.auth.spi.UsersRolesLoginModule"
              flag = "required" />
        </authentication>
     </application-policy>

 </policy>
	<?xml version='1.0'?>
	<!DOCTYPE policy PUBLIC
	"-//JBoss//DTD JBOSS Security Config 3.0//EN"
	"http://www.jboss.org/j2ee/dtd/security_config.dtd">

	<!-- The XML based JAAS login configuration read by the
	org.jboss.security.auth.login.XMLLoginConfig mbean. Add
	an application-policy element for each security domain.

	The outline of the application-policy is:
	<application-policy name="security-domain-name">
	<authentication>
	<login-module code="login.module1.class.name" flag="control_flag">
	<module-option name = "option1-name">option1-value</module-option>
	<module-option name = "option2-name">option2-value</module-option>
	...
	</login-module>

	<login-module code="login.module2.class.name" flag="control_flag">
	...
	</login-module>
	...
	</authentication>
	</application-policy>

	$Revision$
	-->

	<policy>
	<!-- Used by clients within the application server VM such as
	mbeans and servlets that access EJBs.
	-->
	<application-policy name = "client-login">
	<authentication>
	<login-module code = "org.jboss.security.ClientLoginModule"
	flag = "required">
	</login-module>
	</authentication>
	</application-policy>

	<!-- Security domain for JBossMQ -->
	<application-policy name = "jbossmq">
	<authentication>
	<login-module code = "org.jboss.mq.sm.file.DynamicLoginModule"
	flag = "required">
	<module-option name = "unauthenticatedIdentity">guest</module-option>
	<module-option name = "sm.objectname">jboss.mq:service=StateManager</module-option>
	</login-module>
	</authentication>
	</application-policy>

	<!-- Security domains for testing new jca framework -->
	<application-policy name = "HsqlDbRealm">
	<authentication>
	<login-module code = "org.jboss.resource.security.ConfiguredIdentityLoginModule"
	flag = "required">
	<module-option name = "principal">sa</module-option>
	<module-option name = "userName">sa</module-option>
	<module-option name = "password"></module-option>
	<module-option name = "managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=hsqldbDS</module-option>
	</login-module>
	</authentication>
	</application-policy>

	<application-policy name = "FirebirdDBRealm">
	<authentication>
	<login-module code = "org.jboss.resource.security.ConfiguredIdentityLoginModule"
	flag = "required">
	<module-option name = "principal">sysdba</module-option>
	<module-option name = "userName">sysdba</module-option>
	<module-option name = "password">masterkey</module-option>
	<module-option name = "managedConnectionFactoryName">jboss.jca:service=XaTxCM,name=FirebirdDS</module-option>
	</login-module>
	</authentication>
	</application-policy>

	<application-policy name = "JmsXARealm">
	<authentication>
	<login-module code = "org.jboss.resource.security.ConfiguredIdentityLoginModule"
	flag = "required">
	<module-option name = "principal">guest</module-option>
	<module-option name = "userName">guest</module-option>
	<module-option name = "password">guest</module-option>
	<module-option name = "managedConnectionFactoryName">jboss.jca:service=XaTxCM,name=jmsra</module-option>
	</login-module>
	</authentication>
	</application-policy>

	<!-- A template configuration for the jmx-console web application. This
	defaults to the UsersRolesLoginModule the same as other and should be
	changed to a stronger authentication mechanism as required.
	-->
	<application-policy name = "jmx-console">
	<authentication>
	<login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
	flag = "required" />
	</authentication>
	</application-policy>

	<!-- The default login configuration used by any security domain that
	does not have a application-policy entry with a matching name
	-->
	<application-policy name = "other">
	<!-- A simple server login module, which can be used when the number
	of users is relatively small. It uses two properties files:
	users.properties, which holds users (key) and their password (value).
	roles.properties, which holds users (key) and a comma-separated list of
	their roles (value).
	The unauthenticatedIdentity property defines the name of the principal
	that will be used when a null username and password are presented as is
	the case for an unuathenticated web client or MDB. If you want to
	allow such users to be authenticated add the property, e.g.,
	unauthenticatedIdentity="nobody"
	-->
	<authentication>
	<login-module code = "org.jboss.security.auth.spi.UsersRolesLoginModule"
	flag = "required" />
	</authentication>
	</application-policy>

	</policy>