2 Replies Latest reply on Oct 27, 2017 10:35 AM by Paramvir Jindal

    Wildfly Authentication with UsersRoles doesn't work

    David Asmel Newbie

      I have two JBoss Servers, one is JBoss7 the other one is wildfly. I have a EJB service on JBoss7 and it should call the a rest service on Wildfly10. The rest Service on Wildfly10 is authenticated.

       

      In jboss-web.xml is the security domain already setted.

       

      <?xml version="1.0" encoding="UTF-8"?>

      <jboss-web xmlns="http://www.jboss.org/j2ee/dtd/jboss-web_5_0.dtd">

          <security-domain>test</security-domain>

      </jboss-web>

       

      I have also done the necessary settings of roles in web.xml.

       

      <?xml version="1.0" encoding="UTF-8"?>

      <web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee"

               xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

               xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">

       

       

          <login-config>

              <auth-method>BASIC</auth-method>

              <realm-name>test</realm-name>

          </login-config>

       

          <security-role>

              <role-name>Starter</role-name>

          </security-role>

       

       

          <security-constraint>

              <web-resource-collection>

                  <web-resource-name>test</web-resource-name>

                  <description>something</description>

                  <url-pattern>/test/*</url-pattern>

              </web-resource-collection>

              <auth-constraint>

                  <role-name>Starter</role-name>

              </auth-constraint>

          </security-constraint>

       

       

      </web-app>

       

      In my standalon.xml of wildfly i have added the security-domain like so:

      <security-domain name="test" cache-type="default">

                          <authentication>

                            <login-module code="UsersRoles" flag="required">

                                  <module-option name="usersProperties" value="file://${jboss.server.config.dir}/callback-users.properties"/>

                                  <module-option name="rolesProperties" value="file://${jboss.server.config.dir}/callback-roles.properties"/>

                              </login-module>

                          </authentication>

      </security-domain>

       

      Under the configuration directory i have added the credentials and roles with clear text into the callback-users.properties and callback-roles.properties.

       

      The request from JBoss7 is encoded with Base64 and it should have no problem. But i got only the following exception:

       

      javax.ejb.EJBAccessException: WFLYSEC0027: Invalid User

       

      Any one any suggestion? Thanks a lot in Advance

       

      David