5 Replies Latest reply on Jun 11, 2018 3:48 PM by yhrush

    WildFly 13 security configuration

    yhrush

      Hello folks,

       

      The news says that WildFly 13 supports JEE Security 1.0 in the preview mode. So I am trying to configure a servlet 4.0 with basic auth mechanism and then modify it to my needs. Everything works with web.xml but not with annotations.

      I have enabled JEE8 preview mode on my WildFly13 and wrote the code:

       

      @BasicAuthenticationMechanismDefinition
      @ServletSecurity(@HttpConstraint(rolesAllowed = "user"))

      @DeclareRoles("user")

      @WebServlet(urlPatterns = "/user")

      public class Servlet extends HttpServlet {

       

         @Override
         protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {

             resp.getOutputStream().print("Hello from servlet");

        }

      }

       

      This code successfully secure the servlet but authentication mechanism does not work. I tried to change it to @FormAuthenticationMechanismDefinition and even wrote custom implementation of HttpAuthenticationMechanism with no luck.

       

      Am I missed something? Should I make any other configurations?

       

      Thanks in advance,

      Yevheniy.