USER {
- org.argeo.cms.auth.NodeContextLoginModule requisite;
- org.argeo.cms.auth.UserAdminLoginModule requisite;
- org.argeo.cms.auth.NodeUserLoginModule requisite;
+ org.argeo.cms.auth.HttpSessionLoginModule sufficient;
+ org.argeo.cms.auth.SpnegoLoginModule optional;
+ com.sun.security.auth.module.Krb5LoginModule optional;
+ org.argeo.cms.auth.UserAdminLoginModule sufficient;
};
ANONYMOUS {
- org.argeo.cms.auth.NodeContextLoginModule requisite;
- org.argeo.cms.auth.UserAdminLoginModule requisite anonymous=true;
- org.argeo.cms.auth.NodeUserLoginModule requisite;
+ org.argeo.cms.auth.HttpSessionLoginModule sufficient;
+ org.argeo.cms.auth.AnonymousLoginModule sufficient;
};
-SYSTEM {
- org.argeo.security.core.SystemLoginModule requisite;
+DATA_ADMIN {
+ org.argeo.cms.auth.DataAdminLoginModule requisite;
};
-KERNEL {
- com.sun.security.auth.module.UnixLoginModule requisite;
- com.sun.security.auth.module.KeyStoreLoginModule requisite keyStoreURL="${osgi.instance.area}/node.p12" keyStoreType=PKCS12 keyStoreProvider=BC;
- org.argeo.cms.internal.auth.KernelLoginModule requisite;
+NODE {
+ com.sun.security.auth.module.Krb5LoginModule optional
+ keyTab="${osgi.instance.area}node/krb5.keytab"
+ useKeyTab=true
+ storeKey=true
+ debug=true;
+ org.argeo.cms.auth.DataAdminLoginModule requisite;
};
KEYRING {
- org.argeo.security.crypto.KeyringLoginModule required;
+ org.argeo.cms.auth.KeyringLoginModule required;
};
SINGLE_USER {
- com.sun.security.auth.module.UnixLoginModule requisite;
- org.argeo.cms.internal.auth.SingleUserLoginModule requisite;
- org.springframework.security.authentication.jaas.SecurityContextLoginModule requisite;
+ com.sun.security.auth.module.Krb5LoginModule optional
+ principal="${user.name}"
+ storeKey=true
+ useTicketCache=true
+ debug=true;
+ org.argeo.cms.auth.SingleUserLoginModule requisite;
};
Jackrabbit {