I'm on JBoss 7.1.1.Final and using whatever the stock HornetQ is in that distribution.
I would like to use JAAS as my authentication instead of the current "ApplicationRealm" that I'm using.
This is what my remoting subsystem looks like from my standalone-full.xml:
<subsystem xmlns="urn:jboss:domain:remoting:1.1"> <connector name="remoting-connector" socket-binding="remoting" security-realm="ApplicationRealm"/> </subsystem>
Earlier in my standalone-full.xml ApplicationRealm is defined like this:
<security-realm name="ApplicationRealm"> <authentication> <properties path="application-users.properties" relative-to="jboss.server.config.dir"/> </authentication> </security-realm>
So currently I have HornetQ using just a regular properties file to authenticate, but I need to use JAAS instead.
I also have a security domain (which I just did my best at porting over from our old JBoss 5.1.0GA days - the code is untested) which uses the JAAS login module I would like to use for HornetQ:
<security-domain name="myapp" cache-type="default"> <authentication> <login-module code="com.mycompany.myapp.user.UserLoginModule" flag="required"/> </authentication> </security-domain>
I had been trying to follow the HornetQ documentation on using JAAS here:
(From a HornetQ distribution I downloaded) $INSTALL_DIR/hornetq-2.2.14.Final/examples/jms/jaas/readme.html
Some notes on HornetQ Configuration
(Section 6.. 6.6 and 6.7) http://docs.jboss.org/hornetq/2.2.2.Final/user-manual/en/html_single/index.html
But I was wondering if there's an easier way to accomplish JAAS authentication?
I was wondering if it was possible to take the "myapp" security domain and use it as an authentication mechanism in a security realm like so? :
<security-realm name="MessagingRealm"> <authentication> <jaas name="myapp"/> </authentication> </security-realm>
Then the remoting subsystem looks like so:
<subsystem xmlns="urn:jboss:domain:remoting:1.1"> <connector name="remoting-connector" socket-binding="remoting" security-realm="MessagingRealm"/> </subsystem>
I'm wondering if this approach works to accomplish having JAAS as a part of HornetQ?
I've been tinkering with it and it's not clear that any of the logger messages I have put in my com.mycompany.myapp.user.UserLoginModule are getting called.
So I'm interested if anyone in the community can shed some light on this because I'm not sure what to try next.