0 Replies Latest reply on Oct 28, 2012 11:12 AM by bdyerjboss

    JBoss4 to JBoss7 migration.  JSSE Security domain is not valid. SSL+Cert

    bdyerjboss

      I'm migrating existing webapps from JBoss4 to JBoss7. 

      jboss-as-7.1.1.Final

      jdk1.6.0_31

      x64

       

      In standalone.xml

       

      I have configured the https connector in the subsystem: urn:jboss:domain:web:1.1

          <subsystem xmlns="urn:jboss:domain:web:1.1" default-virtual-server="default-host" native="false">
              <connector name="http" protocol="HTTP/1.1" scheme="http" socket-binding="http"/>
              <connector name="https" protocol="HTTP/1.1" scheme="https" socket-binding="https" secure="true">
                  <ssl name="myapp-cert" key-alias="myalias" password="-----" certificate-key-file="${jboss.server.base.dir}/ssl/cert/trust.jks"
                       protocol="TLSv1" verify-client="true" ca-certificate-file="${jboss.server.base.dir}/ssl/cert/trust.jks"/>
              </connector>
              <virtual-server name="default-host" enable-welcome-root="true">
                  <alias name="localhost"/>
              </virtual-server>
          </subsystem>

       

      I have configured security-domains in the subsystem: urn:jboss:domain:security:1.1

          <security-domain name="admin-app" cache-type="default">
              <authentication>
                  <login-module code="us.gov.dod.don.navy.n093.security.CustomCertLoginModule" flag="required">
                      <module-option name="securityDomain" value="java:/jaas/myapp-cert"/>
                      <module-option name="verifier" value="org.jboss.security.auth.certs.AnyCertVerifier"/>
                      <module-option name="dsJndiName" value="java:/abc"/>
                      <module-option name="rolesQuery" value="SELECT distinct cr.role_name  = .....?"/>
                  </login-module>
              </authentication>
          </security-domain>

       

      I have configured the datasource:

          <datasource jndi-name="java:/abc" pool-name="DS2" enabled="true" use-java-context="true">
              <connection-url>jdbc:oracle:thin:@localhost:1521:aaa</connection-url>
              <driver>oracle</driver>
              <security>
                  <user-name>-----</user-name>
                  <password>-------</password>
              </security>
          </datasource>

       

      The login-module code, the custom login class CustomCertLoginModule, extends DatabaseCertLoginModule.

      As soon as CustomCertLoginModule executes super.initialize(), it throws an error of "The JSSE security domain myapp-cert is not valid. All authentication using this login module will fail!"

      What other configuration is necessary in the standalone.xml file?
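
An added example, not part of the original post and not JBoss code: a small Python check over the security subsystem of standalone.xml, assuming the error above means that the name in the login module's securityDomain option does not resolve to a security-domain that carries a <jsse> element. The function names, the reduced sample XML and the placeholder truststore values are constructed for illustration.

```python
import xml.etree.ElementTree as ET

JAAS_PREFIX = "java:/jaas/"

# Constructed input: the security subsystem reduced from the post's configuration.
POSTED = """<subsystem xmlns="urn:jboss:domain:security:1.1"><security-domains>
  <security-domain name="admin-app" cache-type="default"><authentication>
    <login-module code="us.gov.dod.don.navy.n093.security.CustomCertLoginModule" flag="required">
      <module-option name="securityDomain" value="java:/jaas/myapp-cert"/>
    </login-module>
  </authentication></security-domain>
</security-domains></subsystem>"""

# Constructed variant: the same file plus a domain named myapp-cert that has a
# <jsse> element (truststore path and password are placeholders).
WITH_JSSE = POSTED.replace("</security-domains>", """  <security-domain name="myapp-cert">
    <jsse truststore-url="file:/PLACEHOLDER/trust.jks" truststore-password="PLACEHOLDER"/>
  </security-domain>
</security-domains>""")

def local(tag):
    """Element name without its XML namespace."""
    return tag.rsplit("}", 1)[-1]

def unresolved_jsse_refs(xml_text):
    """Return (referencing domain, referenced name, reason) for every
    securityDomain module-option that does not resolve to a JSSE domain."""
    root = ET.fromstring(xml_text)
    domains = [e for e in root.iter() if local(e.tag) == "security-domain"]
    has_jsse = {d.get("name"): any(local(c.tag) == "jsse" for c in d) for d in domains}
    problems = []
    for d in domains:
        for opt in d.iter():
            if local(opt.tag) != "module-option" or opt.get("name") != "securityDomain":
                continue
            ref = opt.get("value", "")
            if ref.startswith(JAAS_PREFIX):
                ref = ref[len(JAAS_PREFIX):]  # option may carry the JNDI prefix
            if ref not in has_jsse:
                problems.append((d.get("name"), ref, "no security-domain with this name"))
            elif not has_jsse[ref]:
                problems.append((d.get("name"), ref, "security-domain has no <jsse> element"))
    return problems

if __name__ == "__main__":
    for label, text in (("posted", POSTED), ("with jsse domain", WITH_JSSE)):
        print(label, unresolved_jsse_refs(text))
```

Run against the posted fragment it reports admin-app referring to myapp-cert, a name that exists only on the web connector's ssl element and not as a security-domain.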