I am trying to get elytron security to work with active-mq on Wildfly 11. According to the Wildfly 11.0 Model Reference the attribute elytron-domain of the server element looked like a good candidate. Wildfly won't start with the elytron-domain attribute. It spits out:
445: | 446: | 447: | ^^^^ 'elytron-domain' isn't an allowed attribute for the 'server' element | | Attributes allowed here are: | async-connection-execution-enabled | persist-delivery-count-before-delivery | connection-ttl-override persist-id-cache | | id-cache-size persistence-enabled | | incoming-interceptors scheduled-thread-pool-max-size | | name thread-pool-max-size | | outgoing-interceptors wild-card-routing-enabled | | page-max-concurrent-io | | 448:
If I don't apply the attribute I see that the principal query is invoked by elytron, and elytron indicates "success" but then picketbox steps in and fails the authentication. At wits end here when the Wildfly 11.0 Model Reference misleads.
Model reference and its xml persistence location are not guaranteed to match - xml can change in future.
Use CLI command to define elytron domain [1].
[1] Messaging configuration - Latest WildFly Documentation - Project Documentation Editor