0 Replies Latest reply on Jun 14, 2015 8:19 AM by Gaurav Dubey

    Deploy custom login module without security domain in JBoss AS7

    Gaurav Dubey Newbie

      I am new to JBoss deployment. I am deploying ear file in JBoss AS7 application server. Ear file consists of login module which validates user name/password from database. What i understand from many articles that following configuration needs to be done in JBoss standalone.xml file

      <security-realm name="MyRealm"> <authentication> <jaas name="MySecurityDomain"/> </authentication> </security-realm>

      <security-realm name="MyRealm"> <authentication> <jaas name="MySecurityDomain"/> </authentication> </security-realm>

      <security-domain name="MySecurityDomain" cache-type="default"> <authentication> <login-module code="Remoting" flag="optional"> <module-option name="password-stacking" value="useFirstPass"/> </login-module> <login-module code="org.myApp.security.jaas.MyLoginModule" flag="required" module="deployment.myApp.ear"> <module-option name="usersProperties" value="${jboss.server.config.dir}/my-users.properties"/> <module-option name="rolesProperties" value="${jboss.server.config.dir}/my-roles.properties"/> <module-option name="password-stacking" value="useFirstPass"/> </login-module> </authentication> </security-domain>

      My question is do I really need to create application specific security domain? Is it possible to configure custom login module without creating security domain? If yes please suggest me how can i do that?

      Also one question, what i understand is in jndi i am supposed to provide username password required for my custom login module instead of JBoss user name. Please also let me know if this is correct?