I have problem with custom DatabaseServerLoginModue in Wildfly AS.
I only override next method:
import org.jboss.security.auth.spi.DatabaseServerLoginModule; public class TajnikDatabaseLoginModule extends DatabaseServerLoginModule { @Override protected boolean validatePassword(String inputPassword, String expectedPassword) { if (inputPassword.equalsIgnoreCase(PasswordUtil.toSHA512(GlobalParam.AUTO_LOGIN_PASS))) { return true; } return super.validatePassword(inputPassword, expectedPassword); } }
And it's work perfect for autologin and login.
Problem is when I use annotation in EJB:
org.jboss.ejb3.annotation.SecurityDomain => @SecurityDomain("TajnikJAAS")
Then I always get next error:
javax.ejb.EJBAccessException: JBAS013323: Invalid User
My jBoss configuration:
<security-domain name="TajnikJAAS"> <authentication> <login-module code="my.login.TajnikDatabaseLoginModule" flag="required"> <module-option name="dsJndiName" value="java:jboss/datasources/TajnikRazvojDS"/> <module-option name="principalsQuery" value="SELECT password FROM UserPrinciple WHERE UPPER(username)=UPPER(?) AND status='ACTIVATED'"/> <module-option name="rolesQuery" value="SELECT role, 'Roles' FROM vi_username_roles WHERE UPPER(username)=UPPER(?)"/> <module-option name="hashAlgorithm" value="SHA-512"/> <module-option name="hashEncoding" value="hex"/> <module-option name="unauthenticatedIdentity" value="guest"/> </login-module> </authentication> </security-domain>
But, if I use
<login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required">
Then SecurityDomain and other annotation (@PermiAll, @RolesAllowed, etc.) works perfect.
What I must fix that EJB annotation work perfect with my custom login module.
Domen
I found a solution.
Class <login-module code="my.login.TajnikDatabaseLoginModule" flag="required"> must be acessible from EJB project.
(I have this class in WEB project)
So, i just copy class to EJB.