AuthorizationPlugin not working in domain mode
elias.adam Mar 1, 2016 9:56 AMHi,
I wrote an AuthorizationPluIn based on this tutorial, and working just fine in standalone mode, but not in domain mode. The wildfly can parse the configuration and start the server, and the application can deploy, but the users cannot log in. There is no error or exception just this in the log:
[Server:server-one] 14:18:59,911 DEBUG [org.jboss.security] (default task-3) PBOX00283: Bad password for username elias
public class PlugInProvider implements org.jboss.as.domain.management.plugin.PlugInProvider { @Override public AuthenticationPlugIn<Credential> loadAuthenticationPlugIn(String name) { System.out.println("PlugInProvider: loadAuthenticationPlugIn: " + name); return null; } @Override public AuthorizationPlugIn loadAuthorizationPlugIn(String name) { System.out.println("PlugInProvider: loadAuthorizationPlugIn: " + name); if ("MyPluginName".equals(name)) { return new MyAuthorizationPlugIn(); } return null; } }
The sysouts not showing up in the console or in the logs, but again it working in standalone mode and see the sysouts.
<?xml version="1.0" encoding="UTF-8"?> <module xmlns="urn:jboss:module:1.1" name="myModulName"> <properties> </properties> <resources> <resource-root path="plugin.jar"/> </resources> <dependencies> <module name="org.slf4j" /> <module name="oracle.jdbc"/> <module name="javax.api"/> <module name="org.jboss.as.domain-management"/> </dependencies> </module>
host.xml
<security-realm name="MyRealm"> <plug-ins> <plug-in module="myModulName"/> </plug-ins> <authentication> <ldap ..."> ... </ldap> </authentication> <authorization> <plug-in name="MyPluginName"> <properties> ... </properties> </plug-in> </authorization> </security-realm> </security-realms> <outbound-connections> <ldap .../> </outbound-connections>
domain.xml:
<security-domain name="other" cache-type="default"> <authentication> <login-module code="Remoting" flag="optional"> <module-option name="password-stacking" value="useFirstPass"/> </login-module> <login-module code="RealmDirect" flag="optional"> <module-option name="password-stacking" value="useFirstPass"/> </login-module> <login-module name="MyRealmDirect" code="RealmDirect" flag="required"> <module-option name="realm" value="MyRealm"/> <module-option name="password-stacking" value="useFirstPass"/> </login-module> </authentication> </security-domain>
I am using Wildfly 9.0.2 Final but i tried it on 10.0.0.Final as well.