0 Replies Latest reply on Jul 31, 2015 5:57 PM by Drew Wharton

    Developing customized login logic for Wildfly Application

    Drew Wharton Newbie



      I am currently tasked with developing a generalized authentication module for Wildfly and I'm in a bind with not knowing how to go about it.  I'm trying to build servlets that would receive the user's credentials in the request parameters or get a user's x509 cert and then authenticate them and create their session with their associated roles.  After researching it seems that I need to use JASPIC bridged with JAAS, but I have a couple of questions from here:

      1. I've tried registering my custom ServerAuthModule in the standalone within the "<authentication-jaspi><auth-module>...." tags but I'm getting an error with undertow saying "Error getting ServerAuthContext for authContextId...".  Obviously, I'm doing something wrong, so how would I go about correcting this?  Do I need to implement all of the classes as shown on this blog: Arjan Tijms' Weblog: Implementing container authentication in Java EE with JASPIC
      2. How would I got about designing the ServerAuthModule so that I can add multiple implementations of the LoginModule calls so I can add custom callback handlers to the LoginModule in JAAS?  I currently require a username/password login and an x509 cert login, but the requirements in the future may include things like LDAP logins so I need it to allow for extensibility.


      Hopefully someone can help me or point me in the direction of a good example to follow.


      Thanks for your time.