8 Replies Latest reply on Nov 9, 2015 8:39 AM by Eric Wittmann

    How to enforce webapp authentication but not authorization

    Eric Wittmann Apprentice

      Short question:

      Is there a way to require users to authenticate without to a webapp without requiring the user to have any roles?


      More detail:

      If I use a login module that doesn't return any roles (or more simply, if I use standard wildfly app authentication and I add a user via add-user.sh and leave the 'roles' field empty), is it then possible for that user to authenticate into a web app?


      It seems that the web.xml requires an auth-constraint (role).  For example:




      But let's say I'm using LDAP to authenticate and my directory doesn't have any roles/groups configured.  Is there a way to not require the auth-constraint?


      If not, is there a way to make wildfly automatically add a role whenever a user authenticates?