Profile Photo
We are having trouble getting LDAPS referrals working with an Elytron LDAP realm. The issue is the following stack trace.   javax.security.sasl.SaslException: ELY05012: Authentication mechanism server-side authentication failed [Caused by org.wildfly.security.auth.server.RealmUnavailableException: ELY01153: Direct LDAP verification failed with DN… (Show more)
in WildFly
Profile Photo
Can a user that has been successfully logged in in an app deployed on a WF13+ server be logged out programatically (somewhat similar to flushing a user from the jass login cache) ? I would like to "forcefully" log him out based on some conditions.   Is something like that possible ?
in WildFly
Profile Photo
I'm using WildFly13 and Elytron. This setup was migrated from a WF9 with the old security implementation from WF. The "original" implementation had a custom login module, in which I had a class that was extending org.jboss.security.auth.spi.DatabaseServerLoginModule.   In this class I would do additional actions depending on whether the login… (Show more)
in WildFly
Profile Photo
The WildFly 11 release includes a new security framework WildFly Elytron, a number of blog posts are being written by a number of engineers so this article is to try and collect references to them in one location.   Although this initially contains links to blog posts written by the core engineering teams feel free to add links to any blog posts…
in WildFly
Profile Photo
With WildFly 14, it is now possible to obtain and manage certificates from the Let’s Encrypt certificate authority using the WildFly CLI. In particular, it is possible to get a certificate from Let’s Encrypt, revoke it if necessary, and check if it’s due for renewal. This blog post is going to give an overview of these new operations.   … (Show more)
in Farah Juma's blog posts
Profile Photo
Hi all   Is it possible to disable HTTP/2 while still keeping HTTPS (TLS CA provided certificate)?   Kind regards,   George
in WildFly
Profile Photo
With WildFly 13, there’s a new way to configure permissions in the Elytron subsystem. In particular, it is now possible to configure permissions using a new permission-set resource.   Configuring permission sets  Adding a permission-set takes the following general form:  … (Show more)
in Farah Juma's blog posts