3 Replies Latest reply on Jun 26, 2019 5:08 AM by valsaraj viswanathan

    How to migrate JAAS security domain to WildFly 16

    valsaraj viswanathan Master

      How to migrate JAAS security domain to WildFly 16 Elytron model?

       

      Here is the security domain:

      <security-domain name="appLDAP" cache-type="default">

                              <authentication>

                                  <login-module name="KeyLoginModule" code="org.app.security.auth.AppLoginModule" flag="required" module="com.app.configuration">

                                      <module-option name="principalDNPrefix" value="uid"/>

                                      <module-option name="principalDNSuffix" value="ou=people,dc=app,dc=com"/>

                                      <module-option name="rolesCtxDN" value="ou=groups,dc=app,dc=com"/>

                                      <module-option name="roleAttributeID" value="cn"/>

                                      <module-option name="java.naming.factory.initial" value="com.sun.jndi.ldap.LdapCtxFactory"/>

                                      <module-option name="java.naming.provider.url" value="ldaps://localhost:636"/>

                                  </login-module>

                                  <login-module name="ClientLoginModule" code="org.jboss.security.ClientLoginModule" flag="required">

                                      <module-option name="restore-login-identity" value="true"/>

                                  </login-module>

                              </authentication>

      </security-domain>

       

      Here is the realm:

      <security-realm name="SSLRealm">

                      <server-identities>

                          <ssl>

                              <keystore provider="PKCS12" path="webserver.p12" relative-to="jboss.domain.config.dir" keystore-password="****"/>

                          </ssl>

                      </server-identities>

                      <authentication>

                          <jaas name="appLDAP"/>

                      </authentication>

                  </security-realm>

      </security-realm>