Activating jaspic in wildfly
bschatz Oct 18, 2019 10:19 AM
We have written an authentication (oidc) module on top of jaspic
for a seamless and transparent integration of applications
into the authentication infrastructure of our company.
With Tomcat I only have to use an XML file where I put the implementing class
that has to be registered as the config provider.
With WildFly I didn't find a simple way to get it to work.
As a workaround I now deploy a small jar that registers our AuthProvider class from our jboss-module (jfoss-java-server-extension)
with the help of CDI.
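import java.util.HashMap;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.enterprise.event.Observes;
import javax.enterprise.inject.spi.AfterDeploymentValidation;
import javax.enterprise.inject.spi.Extension;
import javax.security.auth.message.config.AuthConfigFactory;

// AuthProvider is the config provider class from the jfoss-java-server-extension module.
public class Jaspic implements Extension
{
    private static final Logger LOG = Logger.getLogger(Jaspic.class.getName());
    private static final String AUTH_PROVIDER = AuthProvider.class.getName();
    private boolean isInitialised = false;

    public void init(@Observes final AfterDeploymentValidation event)
    {
        LOG.log(Level.INFO, () -> "AfterDeploymentValidation event received: " + event.toString());
        if (isInitialised)
        {
            LOG.log(Level.INFO, () -> "Already initialized ");
            return;
        }
        LOG.log(Level.INFO, () -> "Registering Jaspic Config Provider ...");
        // Arguments: class name, properties, layer, appContext (null), description (null)
        final String result = AuthConfigFactory.getFactory().registerConfigProvider(AuthProvider.class.getName(), new HashMap<>(), "HttpServlet", null, null);
        isInitialised = true;
        LOG.log(Level.INFO, () -> "Registered Jaspic Config Provider: " + result + " with implementation " + AUTH_PROVIDER);
    }
}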
Our module is added as a global module that I activate with:
==================================================
/subsystem=security/security-domain=daimler-jfoss:add(cache-type=default)
/subsystem=security/security-domain=daimler-jfoss/authentication=jaspi:add()
/subsystem=security/security-domain=daimler-jfoss/authentication=jaspi/login-module-stack=dummy:add()
/subsystem=security/security-domain=daimler-jfoss/authentication=jaspi/login-module-stack=dummy/login-module=dummy:add(code=Dummy, flag=optional)
/subsystem=security/security-domain=daimler-jfoss/authentication=jaspi/auth-module=jaspi:add(code=dummy, module=jfoss-java-server-extension, flag=required)
/subsystem=undertow:write-attribute(name="default-security-domain", value="daimler-jfoss")
reload
What is the recommended way to do it?
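
Added example, not part of the original post or the poster's module: the registration in the post passes `null` as the application context, which in JASPIC applies the provider to every application in the `HttpServlet` layer. The listener below registers per application instead and removes the registration on undeploy. `com.example.auth.AuthProvider` is a placeholder class name, assumed to be visible to the deployment's class loader and to have the `(Map, AuthConfigFactory)` constructor that class-name registration requires.

```java
import java.util.HashMap;
import javax.security.auth.message.config.AuthConfigFactory;
import javax.servlet.ServletContext;
import javax.servlet.ServletContextEvent;
import javax.servlet.ServletContextListener;
import javax.servlet.annotation.WebListener;

@WebListener
public class JaspicRegistrationListener implements ServletContextListener
{
    // Placeholder (assumption): fully qualified name of the AuthConfigProvider implementation.
    private static final String PROVIDER_CLASS = "com.example.auth.AuthProvider";

    // Registration id returned by the factory, kept so it can be removed on undeploy.
    private volatile String registrationId;

    @Override
    public void contextInitialized(final ServletContextEvent sce)
    {
        final ServletContext ctx = sce.getServletContext();
        // Servlet-profile application context id: "<virtual host> <context path>".
        final String appContext = ctx.getVirtualServerName() + " " + ctx.getContextPath();
        // Scope the provider to this application only instead of the whole layer.
        registrationId = AuthConfigFactory.getFactory().registerConfigProvider(
            PROVIDER_CLASS, new HashMap<>(), "HttpServlet", appContext,
            "OIDC provider for " + appContext);
    }

    @Override
    public void contextDestroyed(final ServletContextEvent sce)
    {
        // Drop the registration so a redeploy does not leave a stale provider behind.
        if (registrationId != null)
        {
            AuthConfigFactory.getFactory().removeRegistration(registrationId);
            registrationId = null;
        }
    }
}
```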