2 Replies Latest reply on Sep 15, 2016 12:30 AM by jaikiran

    Custom auth method and login module/identity manager in wildfly and undertow

    mandrosen

      I am trying to implement a simple custom auth method and login module that can handle JWT, but for a few reasons I don’t want to use keycloak.  I think am are close, but I have a few questions for which I can’t find answers and I was hoping you can find some time to help me. 

       

      I am using wildly-9.0.2 for now.  We will upgrade to 10.1.0 soon, but for now, it has to be on the old version.

       

      Here is how I understand the flow.

       

      Create an implementation of io.undertow.security.api.AuthenticationMechanism

       

      this authentication mechanism retrieves an io.undertow.security.idm.IdentityManager

       

      in Wildfly, the Identify Manager is a LoginModule, which I have coded.

       

      Here is one of my questions.  I want to use the JAASIdentityManagerImpl to wrap my LoginModule in an IdentityManager, but I can’t figure out how to do this.

       

      I am seen implementations of ServletExtension with methods like:

       

      public void handleDeployment(DeploymentInfo deploymentInfo, ServletContext servletContext) {

              deploymentInfo.addAuthenticationMechanism("jwtjaas", new Factory());

          }

       

      but by new standards (indicated by deprecated methods), I should be passing an IdentityManager to the AuthenticationMechanismFactory, and I don’t know where that would come from.

       

      My next problem, is how to setup and include the module so that I can use it in the web.xml.