Setup custom JAAS login module in HornetQ with JBoss 7.1.1.Final
madchedar0 Jul 20, 2012 5:46 PMI'm on JBoss 7.1.1.Final and using whatever the stock HornetQ is in that distribution.
I would like to use JAAS as my authentication instead of the current "ApplicationRealm" that I'm using.
This is what my remoting subsystem looks like from my standalone-full.xml:
<subsystem xmlns="urn:jboss:domain:remoting:1.1"> <connector name="remoting-connector" socket-binding="remoting" security-realm="ApplicationRealm"/> </subsystem>
Earlier in my standalone-full.xml ApplicationRealm is defined like this:
<security-realm name="ApplicationRealm"> <authentication> <properties path="application-users.properties" relative-to="jboss.server.config.dir"/> </authentication> </security-realm>
So currently I have HornetQ using just a regular properties file to authenticate, but I need to use JAAS instead.
I also have a security domain (which I just did my best at porting over from our old JBoss 5.1.0GA days - the code is untested) which uses the JAAS login module I would like to use for HornetQ:
<security-domain name="myapp" cache-type="default"> <authentication> <login-module code="com.mycompany.myapp.user.UserLoginModule" flag="required"/> </authentication> </security-domain>
I had been trying to follow the HornetQ documentation on using JAAS here:
(From a HornetQ distribution I downloaded) $INSTALL_DIR/hornetq-2.2.14.Final/examples/jms/jaas/readme.html
Some notes on HornetQ Configuration
(Section 6.. 6.6 and 6.7) http://docs.jboss.org/hornetq/2.2.2.Final/user-manual/en/html_single/index.html
But I was wondering if there's an easier way to accomplish JAAS authentication?
I was wondering if it was possible to take the "myapp" security domain and use it as an authentication mechanism in a security realm like so? :
<security-realm name="MessagingRealm"> <authentication> <jaas name="myapp"/> </authentication> </security-realm>
Then the remoting subsystem looks like so:
<subsystem xmlns="urn:jboss:domain:remoting:1.1"> <connector name="remoting-connector" socket-binding="remoting" security-realm="MessagingRealm"/> </subsystem>
I'm wondering if this approach works to accomplish having JAAS as a part of HornetQ?
I've been tinkering with it and it's not clear that any of the logger messages I have put in my com.mycompany.myapp.user.UserLoginModule are getting called.
So I'm interested if anyone in the community can shed some light on this because I'm not sure what to try next.
Thank you.