2 Replies Latest reply on Aug 14, 2013 10:36 AM by jsexton

    Custom Login Modules with 7.1

    jsexton
    jsexton Aug 13, 2013 4:06 PM

      I am attempting to create a login module for jBoss 7.1.0 Final.

       

      I have created the custom module, bare-bones, and added a security-domain to standalone.xml.  I made my login() method return false so that I'd know it was active.  I want to add this module to an EJB, but I can not get jBoss to use the custom module.

       

      The EJB is in a WAR, and that WAR is in an EAR - all trivial code I wrote just to get an example of this working.  The EJB deploys and runs without error, and there are no errors in the server's logs, the cusom login module is never invoked.

       

      In attempting to get the custom module invoked I have tried every permutation of the following.

       

      I have deployed the custom module in a jar in standalone/deployments.

      I have deployed the custom module in a jar as a module with a module descriptor.

      I have bundled the custom module in the WAR with the EJB.

      In the EAR I have used META-INF/jboss-app.xml and META-INF/jboss.xml

      In the WAR I have used WEB-INF/jboss-ejb3.xml and WEB-INF/jboss-web.xml

      In the EJB I have the annotation @org.jboss.ejb3.annotation.SecurityDomain("MyAuth")

       

      jBoss always allows the EJB to run, and never invokes the custom authentication object, nor are there ever any error messages.

       

      I have been through every example I can find of this.  Any suggestions would be welcome!

        • 1. Re: Custom Login Modules with 7.1
          jsexton
          jsexton Aug 13, 2013 5:24 PM (in response to jsexton)

          Since posting this, I have tried all the same options with the EJB in a jar file, and the jar included in the EAR, instead of having the EJBs directly in the WAR file.

           

          I also tried deploying just the EJBs in a jar file, with the annotation, and a jboss-ejb3.xml file.

           

          I know the authentication module is loaded and active because it shows up in the admin pages.  And I know jBoss is parsing my various descriptors because I can get an error if I mal-form them, or duplicate information in multiple files.

           

          However, it simply will not invoke the custom login code...  No error messages either...

            • Actions
          • 2. Re: Custom Login Modules with 7.1
            jsexton
            jsexton Aug 14, 2013 10:36 AM (in response to jsexton)

            My problem appears to have something to do with my accessing this EJB as a webservice.

             

            @Stateless

            @WebService

            @SecurityDomain("SimpleAuth")

            public class Sample implements SampleRemote {

                        public int one()

                      {

                                return 1;

                      }

             

            Accessing this via SOAP does not invoke the security module.

              • Actions