Work on servlet securitxy integration.

[lgpl/argeo-commons.git] / org.argeo.cms / src / org / argeo / cms / internal / kernel / jaas.cfg

diff --git a/org.argeo.cms/src/org/argeo/cms/internal/kernel/jaas.cfg b/org.argeo.cms/src/org/argeo/cms/internal/kernel/jaas.cfg
index b5a32193d8b25f78ef7475e0a5cab7d216d62753..0ebfb3a1306b06778e7cba69a96a9d491e67ca54 100644 (file)
--- a/org.argeo.cms/src/org/argeo/cms/internal/kernel/jaas.cfg
+++ b/org.argeo.cms/src/org/argeo/cms/internal/kernel/jaas.cfg
@@ -1,26 +1,20 @@
 USER {
     org.argeo.cms.auth.HttpSessionLoginModule sufficient;
-    org.argeo.cms.auth.SpnegoLoginModule optional;
-    com.sun.security.auth.module.Krb5LoginModule optional tryFirstPass=true;
-    org.argeo.cms.auth.UserAdminLoginModule sufficient;
+    org.argeo.cms.auth.IdentLoginModule optional;
+    org.argeo.cms.auth.UserAdminLoginModule requisite;
 };
 
 ANONYMOUS {
     org.argeo.cms.auth.HttpSessionLoginModule sufficient;
-    org.argeo.cms.auth.AnonymousLoginModule sufficient;
+    org.argeo.cms.auth.AnonymousLoginModule requisite;
 };
 
 DATA_ADMIN {
-    org.argeo.cms.auth.DataAdminLoginModule requisite;
+    org.argeo.api.DataAdminLoginModule requisite;
 };
 
 NODE {
-    com.sun.security.auth.module.Krb5LoginModule optional
-     keyTab="${osgi.instance.area}node/krb5.keytab" 
-     useKeyTab=true
-     storeKey=true
-     debug=true;
-    org.argeo.cms.auth.DataAdminLoginModule requisite;
+    org.argeo.api.DataAdminLoginModule requisite;
 };
 
 KEYRING {
@@ -28,11 +22,6 @@ KEYRING {
 };
 
 SINGLE_USER {
-    com.sun.security.auth.module.Krb5LoginModule optional
-     principal="${user.name}"
-     storeKey=true
-     useTicketCache=true
-     debug=true;
     org.argeo.cms.auth.SingleUserLoginModule requisite;
 };