4 Replies Latest reply on Mar 1, 2013 5:55 PM by tomeicher

JBoss 7.1 : Dynamic security domain : How to deploy together with EAR / WAR

glorya Jan 16, 2012 7:34 AM

Hello,

I have an application packed as an EAR. I need to deploy the app several times into the JBoss AS (Client1.ear, Client2.ear, etc...). The issue is that JBoss complains about having the same security domain for multiple WARs (althoug these have different root context):

Caused by: org.jboss.msc.service.DuplicateServiceException: Service jboss.security.jacc."web-gui-6.0.0-SNAPSHOT.war" is already registered

at org.jboss.msc.service.ServiceRegistrationImpl.setInstance(ServiceRegistrationImpl.java:154) [jboss-msc-1.0.1.GA.jar:1.0.1.GA]

at org.jboss.msc.service.ServiceControllerImpl.startInstallation(ServiceControllerImpl.java:226) [jboss-msc-1.0.1.GA.jar:1.0.1.GA]

at org.jboss.msc.service.ServiceContainerImpl.install(ServiceContainerImpl.java:560) [jboss-msc-1.0.1.GA.jar:1.0.1.GA]

....

Is there a way how to deploy a security domain per application? For example jboss-web.xml (${client_build_ID} is known at applicaion build time):

<jboss-web>

<security-domain>${client_build_ID}-Security-Domain</security-domain>

<disable-audit>true</disable-audit>

</jboss-web>

Additionaly I need to define a different authenication per application. Is there a way how to deploy a security domain configuration per application? For example some sort of jboss-security.xml:

<security-domains>

<security-domain name="${client_build_ID}-Security-Domain" cache-type="default">

<login-module code="myapp.EJBLoginModule" flag="required">

<module-option name="EJBJNDI" value="java:/${client_build_ID}/Login" />

</login-module>

</authentication>

</security-domain>

</security-domains>

</subsystem>

There might exist another authentication scenarios which would do the same. Any help is very appreciated!!

1. Re: JBoss 7.1 : Dynamic security domain : How to deploy together with EAR / WAR

jaikiran Jan 16, 2012 10:31 PM (in response to glorya)

Caused by: org.jboss.msc.service.DuplicateServiceException: Service jboss.security.jacc."web-gui-6.0.0-SNAPSHOT.war" is already registered
So you have 2 .ears containing that same .war file? It looks like a bug in the service name generation code which doesn't take into account the top level deployment.
Actions
2. Re: JBoss 7.1 : Dynamic security domain : How to deploy together with EAR / WAR

glorya Jan 17, 2012 2:43 AM (in response to jaikiran)

jaikiran pai wrote:

Caused by: org.jboss.msc.service.DuplicateServiceException: Service jboss.security.jacc."web-gui-6.0.0-SNAPSHOT.war" is already registered
So you have 2 .ears containing that same .war file? It looks like a bug in the service name generation code which doesn't take into account the top level deployment.
Yes, I have 2 same WARs in those differently named EARs.

However, I would prefer deploying different security domain for each WAR...
Actions
3. Re: JBoss 7.1 : Dynamic security domain : How to deploy together with EAR / WAR

mkilic Feb 23, 2013 3:50 PM (in response to glorya)

I am also trying to figure out deploying security domain within the application, so I can have a fully self-sufficient WAR file that could be deployed to any container without dependency on the server's standalone.xml.

Have you found a way to do this?
Actions
4. Re: JBoss 7.1 : Dynamic security domain : How to deploy together with EAR / WAR

tomeicher Mar 1, 2013 5:55 PM (in response to mkilic)

Hello, I am also trying to deploy a security domain from within an EAR / without modification of the server installation. Does anybody know how to do this in AS7 ?
(How would this be done in AS7 ? http://docs.jboss.org/jbosssecurity/docs/6.0/security_guide/html/Dynamic_Security_Domains.html )
Thanks, Tom.
Actions

Go to original post