Here is the part of jonas.properties related to
security service:
# ###################### JOnAS SECURITY service configuration # # Set the name of the implementation class of the security service jonas.service.security.class org.ow2.jonas.security.internal.JonasSecurityServiceImpl # Realm used for CsiV2 authentication jonas.service.security.csiv2.realm memrlm_1 # Realm used for Web Service authentication jonas.service.security.ws.realm memrlm_1 # Registration of realm resources into JNDI # Disable by default so configuration is not available with clients jonas.service.security.realm.jndi.registration false # Enable security context check on Remote Login Module jonas.security.context.check false # Path to the keystore file jonas.security.context.check.keystoreFile /tmp/keystore # Pass used for the keystore file jonas.security.context.check.keystorePass keystorepass # Alias (stored in the keystore) jonas.security.context.check.alias FB
In fact properties
jonas.service.security.csiv2.realm and
jonas.service.security.ws.realm are only useful for
users that use security on top of rmi/iiop or on top of web services . in
these case with memrlm_1 it is possible to make a link to
the memomyrealm named memrlm_1 in the
$JONAS_BASE/conf/jonas-realm.xml file and retrieve
users name and roles.
Don't forget that for using security the global property jonas.security.propagation to true and that an important property related to security is jonas.security.manager see Section 2.1.5.1, “Global properties”
All other security configuration related to JOnAS is done in the file jonas-realm.xml
and security configuration related to web containers,
certificate, etc., is done in the appropriate files. Refer to the subsection
Section 2.5, “Configuring Security” for a complete description of security
configuration.