A few days ago I was proposed to develop an airline ticketing system using JavaEE platform. For this system I decided to use EJB3 and JSF running on JBoss application server.
As long as security is a vital concern in such applications, I decided to use JAAS (Java Authentication and Authorization Service) to implement authentication and authorization.
After searching for the required configurations to implement a JAAS based security on JBoss, I couldn’t find anything useful, even in the JBoss documents! (JavaEE developers are not very unfamiliar with this).
It took a while for me to find all the required settings and run my project under JAAS technology on the JBoss application server, so I decided to share my knowledge and document it, hope to be useful for somebody.
The printable version of this article is available at:
http://www.javadev.org/files/JAAS-JBoss.pdf
