2 Replies Latest reply on Sep 15, 2016 12:30 AM by jaikiran pai

    Custom auth method and login module/identity manager in wildfly and undertow

    Marc Rosenthal Newbie

      I am trying to implement a simple custom auth method and login module that can handle JWT, but for a few reasons I don’t want to use keycloak.  I think am are close, but I have a few questions for which I can’t find answers and I was hoping you can find some time to help me. 


      I am using wildly-9.0.2 for now.  We will upgrade to 10.1.0 soon, but for now, it has to be on the old version.


      Here is how I understand the flow.


      Create an implementation of io.undertow.security.api.AuthenticationMechanism


      this authentication mechanism retrieves an io.undertow.security.idm.IdentityManager


      in Wildfly, the Identify Manager is a LoginModule, which I have coded.


      Here is one of my questions.  I want to use the JAASIdentityManagerImpl to wrap my LoginModule in an IdentityManager, but I can’t figure out how to do this.


      I am seen implementations of ServletExtension with methods like:


      public void handleDeployment(DeploymentInfo deploymentInfo, ServletContext servletContext) {

              deploymentInfo.addAuthenticationMechanism("jwtjaas", new Factory());



      but by new standards (indicated by deprecated methods), I should be passing an IdentityManager to the AuthenticationMechanismFactory, and I don’t know where that would come from.


      My next problem, is how to setup and include the module so that I can use it in the web.xml.