[jboss-dev-forums] [PicketBox Development] - JBoss AS7: Security : Custom Login Modules

Ondrej Lukas [https://community.jboss.org/people/olukas] modified the document: "JBoss AS7: Security : Custom Login Modules" To view the document, visit: https://community.jboss.org/docs/DOC-17357 -------------------------------------------------------------- When you write your own custom login module (or Authorization Module or Audit Provider or Mapping Provider), then you have two choices as to where the class files exist in JBoss AS7.1 h2. Options h2. 1. Package them as part of your EE archives (such as WEB-INF/classes or WEB-INF/lib) 2. Place in a separate module in the modules directory of JBoss AS 7.1 Option 1 is covered in https://community.jboss.org/docs/DOC-16811 http://community.jboss.org/wiki/JBossAS7SecurityDomainModel Option 2 is described here with an example: Assume we have a web application called form-auth.war  which utilizes form authentication. It is attached to the article. It uses a security domain form-auth that will be defined in standalone/configuration/standalone.xml as follows: <security-domain name="form-auth" cache-type="default">     <authentication>          <login-module code="custom.MyLoginModule" flag="required" module="custom_module">               <module-option name="usersProperties" value="users.properties"/>               <module-option name="rolesProperties" value="roles.properties"/>          </login-module>     </authentication> </security-domain> In the example, we have a custom login module called "custom.MyLoginModule" which resides in a custom jboss module called as custom_module.  The module attribute on the login-module xml element specifies where the login module code resides. CLI: security-domain can be created as follows: /subsystem=security/security-domain=form-auth:add /subsystem=security/security-domain=form-auth/authentication=classic:add(login-modules=[{"code"=>"custom.MyLoginModule", "flag"=>"required", "module"=>"custom_module", "module-options"=>[("usersProperties"=>"users.properties"), ("rolesProperties"=>"roles.properties")]}]) Note: You will have to download the attached custom_module.zip and unzip it in the modules directory of AS7.1 jboss-as-7.1.0.Alpha2-SNAPSHOT/modules$ ls -la drwxrwxr-x.  3 anil anil 4096 Nov 16 14:53 asm drwxrwxr-x.  3 anil anil 4096 Nov 16 14:53 ch drwxrwxr-x.  5 anil anil 4096 Nov 16 14:53 com drwxrwxr-x.  3 anil anil 4096 Nov 16 14:57 custom_module drwxrwxr-x.  3 anil anil 4096 Nov 16 14:53 gnu drwxrwxr-x.  3 anil anil 4096 Nov 16 14:53 javaee drwxrwxr-x. 25 anil anil 4096 Nov 16 14:54 javax drwxrwxr-x.  3 anil anil 4096 Nov 16 14:53 jline drwxrwxr-x.  3 anil anil 4096 Nov 16 14:53 juddi drwxrwxr-x.  3 anil anil 4096 Nov 16 14:53 net drwxrwxr-x. 23 anil anil 4096 Nov 16 14:54 org drwxrwxr-x.  3 anil anil 4096 Nov 16 14:54 sun If everything is ok, when you start AS7.1, then you should be able to access http://localhost:8080/form-auth/ http://localhost:8080/form-auth/ Username: anil Password: anil The source code for *+"custom.MyLoginModule"+* login module is packaged in the jar of custom_module.zip. It is also given here: package custom;   import javax.security.auth.login.LoginException; import org.jboss.security.auth.spi.UsersRolesLoginModule;   public class MyLoginModule extends UsersRolesLoginModule {   public boolean login() throws LoginException {       return super.login(); } } h2. h2. Things to remember * When you create your own module, *do not forget to add dependency on "org.picketbox" and "javax.api" in the module.xml of your custom module*. h2. h2. References * https://issues.jboss.org/browse/AS7-2675 https://issues.jboss.org/browse/AS7-2675 -------------------------------------------------------------- Comment by going to Community [https://community.jboss.org/docs/DOC-17357] Create a new document in PicketBox Development at Community [https://community.jboss.org/choose-container!input.jspa?contentType=102&a...]