Version 10

    The upcoming WildFly 11 release includes a new security framework WildFly Elytron, a number of blog posts are being written by a number of engineers so this article is to try and collect references to them in one location.

     

    Although this initially contains links to blog posts written by the core engineering teams feel free to add links to any blog posts you write yourselves looking at different WildFly Elytron features and also links to other public blog posts you may find out there.

     

    Also if there are topics that may be useful to be blogged about please mention them in the comments, anyone looking for some inspiration to write a blog post will then hopefully have some ideas.

     

    Elytron and Kerberos using gssproxy

    Author - Jan Kalina

    Date - January 2018

    A blog post describing how configure Kerberos authentication in WildFly using Elytron.

    Honza's blog: Elytron and Kerberos using gssproxy

     

    Configuration of Kerberos with Elytron in WildFly

    Author - Jan Kalina

    Date - January 2018

    A blog post describing how configure Kerberos authentication in WildFly using Elytron.

    Honza's blog: Configuration of Kerberos with Elytron in WildFly

     

    SSL key switch without server restart

    Author - Jan Kalina

    Date - October 2017

    A blog post describing how to switch certificate and key used for SSL without WildFly restart.

    Honza's blog: SSL key switch without server restart

     

    Using OpenSSL with Wildfly and Elytron

    Author - Stuart Douglas

    Date - October 2017

    A blog post describing how to use OpenSSL in WildFly.

    Using OpenSSL with Wildfly and Elytron

     

    How to use an Elytron SASL mechanism that supports channel binding

    Author - Farah Juma

    Date - September 2017

    This blog post shows how to set up one-way SSL/TLS for the management interface and how to then use a SASL mechanism that supports channel binding to connect to the CLI.

    Farah Juma's Blog: How to use an Elytron SASL mechanism that supports channel binding

     

    WildFly Elytron - Add Kerberos Authentication to Existing Web Application

    Author - Darran Lofthouse

    Date - September 2017

    A blog post describing how to override the authentication policy of an existing web application and add SPNEGO authentication to it.

    Darran's WildFly Blog: WildFly Elytron - Add Kerberos Authentication To Existing Web Application

     

    Using WildFly Elytron with Undertow Standalone

    Author - Darran Lofthouse

    Date - September 2017

    Although developed for use within the WildFly application server the WildFly Elytron project can also be used in isolation, this blog post demonstrates how it can be used to secure an embedded Undertow server.

    Darran's WildFly Blog: Using WildFly Elytron with Undertow Standalone

     

    Getting started with EJBs and Elytron Part 1: Securing EJBs and invoking them from remote clients

    Author - Farah Juma

    Date - September 2017

    This blog post describes how to secure EJBs deployed to WildFly 11 using Elytron and how to invoke them from a standalone remote client using the new Naming Client and EJB Client libraries.

    Farah Juma's Blog: Getting started with EJBs and Elytron Part 1: Securing EJBs and invoking them from remote clients

     

    Getting started with EJBs and Elytron Part 2: EJB invocations from remote servers

    Author - Farah Juma

    Date - September 2017

    This blog post describes how to invoke EJBs deployed on a WildFly server instance from another WildFly server instance using Elytron.

    Farah Juma's Blog: Getting started with EJBs and Elytron Part 2: EJB invocations from remote servers

     

    WildFly Elytron - Principal Transformers, Realm Mappings, and Principal Decoders

    Author - Darran Lofthouse

    Date - July 2017

    To control the behaviour during authentication and authorization WildFly Elytron supports the use of various transformers, mappers, and decoders - this blog post describes how they fit together in the different stages of authentication.

    Darran's WildFly Blog: WildFly Elytron - Principal Transformers, Realm Mappings, and Principal Decoders

     

     

    WildFly Elytron - SSL Configuration

    Author - Darran Lofthouse.

    Date - February 2016

    An early blog post describing how SSL configuration was being centrally defined within a new subsystem.  Written early 2016 it is potentially due to be reviewed as exact commands may have evolved since it was written.

    Darran's WildFly Blog: WildFly Elytron - SSL Configuration