1 2 Previous Next 22 Replies Latest reply on Dec 8, 2016 10:46 AM by Bubul Dey

    Define and use multiple security domains in JBoss EAP 7

    Nitin Jain Newbie

      Hello Forum,

       

      In my application till now, I had defined one security domain to authenticate the users.

       

      JBoss Configuration

      <security-domain name="JSFRealm1" cache-type="default">

          <authentication>

             <login-module code="Database" flag="required">

                <module-option name="dsJndiName" value="java:jboss/datasources/jdbc/mysql-1"/>

                <module-option name="principalsQuery" value="select password from user_login where email=?"/>

                <module-option name="rolesQuery" value="select role_name, 'Roles' from user_role u where u.email=?"/>

             </login-module>

          </authentication>

      </security-domain>

       

      jboss-web.xml

      <jboss-web>

         <security-domain>java:/jaas/JSFRealm1</security-domain>

      </jboss-web>

       

      Login Bean

          public String login() throws IOException {

              String navigation = "";

              FacesContext context = FacesContext.getCurrentInstance();

              ExternalContext externalContext = context.getExternalContext();

              HttpServletRequest request = (HttpServletRequest) externalContext.getRequest();

              try {

                  Principal userPrincipal = request.getUserPrincipal();

                  if (null != userPrincipal) {

                      request.logout();

                  }

                  request.login(email, password);

                  HttpSession session = Util.getSession();

                  session.setAttribute("loginName", email);

                  userPrincipal = request.getUserPrincipal();

                  if (request.isUserInRole(AppUserRole.APP_ADMIN.toString())) {

                      message = "Logged in as application administrator!";

                      navigation = "appAdmin";

                      userDetailsVO.setRole(AppUserRole.APP_ADMIN.toString());

                  } else if (request.isUserInRole(AppUserRole.PROJECT_USER.toString())) {

                      message = "Logged in as project administrator!";

                      navigation = "projUser";

                      userDetailsVO.setRole(AppUserRole.PROJECT_USER.toString());

                  }

                  userDetailsVO.setUserName(email);

                  return navigation;

              } catch (ServletException e) {

                  // Handle unknown username/password in request.login().

                  context.addMessage(null, new FacesMessage(FacesMessage.SEVERITY_WARN, "Invalid Login!", "Please Try Again!"));

                  return "login";

              }

          }

       

      Query

      There is a requirement now to use different databases to authenticate 2 different set of users. The databases cannot be merged. Is it possible to define a new security domain (show below) and then choose a particular domain to authenticate the user based on the differentiator?

       

      JBoss Configuration

      <security-domain name="JSFRealm1" cache-type="default">

          <authentication>

             <login-module code="Database" flag="required">

                <module-option name="dsJndiName" value="java:jboss/datasources/jdbc/mysql-1"/>

                ...................................

             </login-module>

          </authentication>

      </security-domain>

      <security-domain name="JSFRealm2" cache-type="default">

          <authentication>

             <login-module code="Database" flag="required">

                <module-option name="dsJndiName" value="java:jboss/datasources/jdbc/mysql-2"/>

                .................................................

             </login-module>

          </authentication>

      </security-domain>

       

      jboss-web.xml

      <jboss-web>

         <security-domain>java:/jaas/JSFRealm1</security-domain>

      </jboss-web>

       

      <jboss-web>

         <security-domain>java:/jaas/JSFRealm2</security-domain>

      </jboss-web>

       

      Please advise.

       

      Best Regards,

      Nitin

        1 2 Previous Next