Configuring application security by defining the database login module in standalone.xml
In the Creating and deploying Java EE 6 applications using the JBoss EAP and PostgreSQL 9.2 cartridges recipe, you learned how to develop a Java EE 6 application on OpenShift. The application allows you to create company entities and then assign jobs to them. The problem with the application is that it is not secured. The Java EE specification defines a simple, role-based security model for EJBs and web components. JBoss security is an extension to the application server and is included by default with your OpenShift JBoss applications. You can view the extension in the JBoss standalone.xml configuration file. The standalone.xml file exists in the .openshift/config location. The following code shows the extension:
<extension module="org.jboss.as.security" />
OpenShift allows developers to update the standalone.xml configuration file to meet their application needs. You make a change to the standalone...
