AS7/EAP6 : Custom Authenticator Valves - Writing and Configuring

Configuring Valves

Valves can be configured in AS7/EAP6 in an application's jboss-web.xml file by adding the following to the <jboss-web> element where "" can be replaced with the desired Valve.[1]



Another example using a custom authenticator valve:



Note that here we added additional configuration using the <param> element, which is similar to the <attribute> element used in previous versions when configuring valves using context.xml file.


Writing Custom Authenticators

Custom authenticators can be written by either implementing the Authenticator Interface [2] or extending already implemented Authenticators [3]. An example of the later is detailed by Anil Saldhana in his community post [4]. However, due to changes in jboss-web, in AS7/EAP6 the authenticate() method's signature has changed [2,5]. This is important to note when porting the code at [4] or any old custom authenticators to AS7/EAP6.


The required signature for the authenticate() method is:

public boolean authenticate(Request request, HttpServletResponse response)
        throws IOException, ServletException;


The modified version of an extended custom authenticator valve from [4] is provided in the attachment, which extends the ExtendedFormAuthenticator class.


An example of using this custom authenticator is provided here. We base this example on the AS7/EAP6 quick-start "servlet-security". The source code is provided in the attached file and the war is attached as jboss-as-servlet-security.war. The changes that were made are as follows:

  • Modified dependencies in pom.xml
  • Added
  • Modified WEB-INF/jboss-web.xml
  • Added <form-login-config> to WEB-INF/web.xml as we are are using a form based authentication here
  • Added login.html, error.html for form based authentication


To deploy this webapp,


Important Note: This is just a quick example of how to use a custom authenticator valve. This is not production code.


If you are writing your own authenticator valves, [2,3] can be very useful references.