0 Replies Latest reply on May 7, 2015 1:39 AM by valsaraj viswanathan

    Caching of security credentials in WIldFly-8.2

    valsaraj viswanathan Master

      Hi,

       

      I would like to know how to cache security credentials in WIldFly-8.2. When I used JBoss-4.2.2.GA, it is cached with the following configuration:

      <!-- JAAS security manager and realm mapping -->

       

       

         <mbean code="org.jboss.security.plugins.JaasSecurityManagerService"

       

       

            name="jboss.security:service=JaasSecurityManager">

       

       

            <!-- A flag which indicates whether the SecurityAssociation server mode

       

       

            is set on service creation. This is true by default since the

       

       

            SecurityAssociation should be thread local for multi-threaded server

       

       

            operation.

       

       

            -->

       

       

            <attribute name="ServerMode">true</attribute>

       

       

            <attribute name="SecurityManagerClassName">org.jboss.security.plugins.JaasSecurityManager</attribute>

       

       

            <attribute name="DefaultUnauthenticatedPrincipal">anonymous</attribute>

       

       

            <!-- DefaultCacheTimeout: Specifies the default timed cache policy timeout

       

       

            in seconds.

       

       

            If you want to disable caching of security credentials, set this to 0 to

       

       

            force authentication to occur every time. This has no affect if the

       

       

            AuthenticationCacheJndiName has been changed from the default value.

       

       

            -->

       

       

            <attribute name="DefaultCacheTimeout">1800</attribute>

       

       

            <!-- DefaultCacheResolution: Specifies the default timed cache policy

       

       

            resolution in seconds. This controls the interval at which the cache

       

       

            current timestamp is updated and should be less than the DefaultCacheTimeout

       

       

            in order for the timeout to be meaningful. This has no affect if the

       

       

            AuthenticationCacheJndiName has been changed from the default value.

       

       

            -->

       

       

            <attribute name="DefaultCacheResolution">60</attribute>

       

       

            <!-- DeepCopySubjectMode: This set the copy mode of subjects done by the

       

       

            security managers to be deep copies that makes copies of the subject

       

       

            principals and credentials if they are cloneable. It should be set to

       

       

            true if subject include mutable content that can be corrupted when

       

       

            multiple threads have the same identity and cache flushes/logout clearing

       

       

            the subject in one thread results in subject references affecting other

       

       

            threads.

       

       

            -->

       

       

            <attribute name="DeepCopySubjectMode">false</attribute>

       

       

         </mbean>

       

      How to do this in WildFly-8.2?

       

      Thanks!