Define and use multiple security domains in JBo...| JBoss.org Content Archive (Read Only)

1 2 Previous Next 22 Replies Latest reply on Dec 8, 2016 10:46 AM by bubul.dey Go to original post

15. Re: Define and use multiple security domains in JBoss EAP 7

sidde3 Dec 6, 2016 1:32 AM (in response to nitin_jain)

Okay,

I will share you with custom implementation. Please give me some time.

Regards,

Bubul
Actions
16. Re: Define and use multiple security domains in JBoss EAP 7

sidde3 Dec 6, 2016 7:48 AM (in response to nitin_jain)
Hello Nitin,

I have come with successful with implementation using logincontext.login() with custom login module. Please find the attached Jboss Configuration and Application code.

Note:

1) I have added the dependency of login module in application using jboss-deployment-structure.xml

2) I have created the customLogin module of localOS based authentication (https://developers.redhat.com/blog/2016/09/02/using-the-operating-system-to-authenticate-users-on-red-hat-jboss-enterprise-application-platform-eap/)

Regards,

Bubul

loginWeb.zip 9.3 KB

standalone.xml.txt.zip 3.4 KB
Actions
17. Re: Define and use multiple security domains in JBoss EAP 7

bubul.dey Dec 6, 2016 8:32 AM (in response to nitin_jain)
Hello Nitin,

I have come with successful with implementation using logincontext.login()
with custom login module. Please find the attached Jboss Configuration and
Application code.

Note:

1) I have added the dependency of login module in application using
jboss-deployment-structure.xml
2) I have created the customLogin module of localOS based authentication (
https://developers.redhat.com/blog/2016/09/02/using-the-operating-system-to-authenticate-users-on-red-hat-jboss-enterprise-application-platform-eap/)

Regards,
Bubul

standalone.xml.txt.zip 3.4 KB

loginWeb.zip 9.3 KB
Actions
18. Re: Define and use multiple security domains in JBoss EAP 7

sidde3 Dec 6, 2016 8:37 AM (in response to nitin_jain)

Hello Nitin,

I have come with successful with implementation using logincontext.login() with custom login module. Please find the attached Jboss Configuration and Application code.

Note:

1) I have added the dependency of login module in application using jboss-deployment-structure.xml
2) I have created the customLogin module of localOS based authentication (https://developers.redhat.com/blog/2016/09/02/using-the-operating-system-to-authenticate-users-on-red-hat-jboss-enterprise-application-platform-eap/)

Regards,

Bubul
Actions
19. Re: Define and use multiple security domains in JBoss EAP 7

nitin_jain Dec 7, 2016 10:33 AM (in response to sidde3)
Hello Bubul,

I am able to resolve the issue by following the approach listed here [1].

Some things to remember: Creating a delegating login module (for JBoss EAP 6.1 )

I will validate the approach that you have suggested and confirm soon.

Best Regards,
Nitin
Actions
20. Re: Define and use multiple security domains in JBoss EAP 7

bubul.dey Dec 7, 2016 11:30 AM (in response to nitin_jain)

Hi Nitin,

It will be great, if you can highlight what are changes you have made in
your code.

Regards,
Siddhartha
Actions
21. Re: Define and use multiple security domains in JBoss EAP 7

nitin_jain Dec 8, 2016 2:44 AM (in response to bubul.dey)
Hello Siddhartha,

In JBoss configuration the following changes were made.
     <subsystem xmlns="urn:jboss:domain:security:1.2">
            <security-domains>
                <security-domain name="RPJSFRealmNew" cache-type="default">
                    <authentication>
                        <login-module code="com.auth.login.module.RPCustomLoginModule" flag="required">
                            <module-option name="password-stacking" value="useFirstPass"/>
                        </login-module>
                    </authentication>
                </security-domain>
                <security-domain name="RPJSFRealmNew1" cache-type="default">
                    <authentication>
                        <login-module code="Database" flag="required">
                            <module-option name="dsJndiName" value="java:jboss/datasources/jdbc/rp-mysql"/>
                            <module-option name="principalsQuery" value="select password from user_login where email=?"/>
                            <module-option name="rolesQuery" value="select role_name, 'Roles' from user_role u where u.email=?"/>
                            <module-option name="password-stacking" value="useFirstPass"/>
                        </login-module>
                    </authentication>
                </security-domain>
                <security-domain name="other" cache-type="default"/>   
               .......
          </subsystem>
Follow the instructions listed in the link [1] to create custom login module.
http://pilhuhn.blogspot.in/2013/05/creating-delegating-login-module-for.html

Best Regards,
Nitin
Actions
22. Re: Define and use multiple security domains in JBoss EAP 7

bubul.dey Dec 8, 2016 10:46 AM (in response to nitin_jain)

Hi Nitin,

Thank you, I have also did the same. Any how I used my own implementation
OS-level security. It was a great experience.

Thank you,
Siddhartha
Actions

1 2 Previous Next

Go to original post