10 Replies Latest reply on Feb 7, 2018 11:39 AM by Martin Choma

    Elytron:  FORM and BASIC Authentication in the same Application

    Ray Ramos Newbie

      I have an application that we are moving off of WebSphere and considering Wildfly/JBoss.  The application requires that human data entry be secured through FORM authentication (j_security_check), and, it requires that machines can enter data, via a REST API, using BASIC.  It seems that the legacy security system around JAAS has a hard time with these requirements.

       

      I did find this thread, but was still unclear. wildfly Elytron Security-Domain with multiple Security-Realm

       

      In other words, I have one application that needs multiple authentication and authorization mechanisms depending on if the client is a human or a machine.  Can Elytron support these requirements?  My team is willing to learn about Elytron, but first I need to do my due diligence and determine if a Wildfly platform is capable in the first place.  Also, a basic high level solution design would also be appreciated.  Maybe JASPIC instead?

       

      Thanks in Advance, Ray