Hi there,

On Mon, Jun 8, 2015 at 8:26 PM, Stefan Guilhen <sguilhen@redhat.com> wrote:
The TCK coverage (or lack thereof) has nothing to do with the ability to configure custom JACC providers. If we didn't support it not a single test of the JACC testsuite would pass so the TCK is not to be blamed in this case.

Well, one of the requirements of JACC is that the Java EE product has a default JACC provider (which implements the authorization algorithms as defined by both the Servlet and EJB containers). So it could *theoretically* have been the case that the TCK only tests that one. Of course I don't know if this is indeed the case.

JBoss indeed has such a default provider. However, the spec also requires (I think) that in a full Java EE server all authorization decisions (for the APIs defined by Servlet and EJB) go via JACC, which clearly does not happen in JBoss. As far as I know, only GlassFish really does this, while TMaxSoft JEUS comes close.


 
The JASPIC testsuite is another story and I think we both agree that it is broken from our previous conversations. Arun's JEE testsuite, to which you contributed your JASPIC tests, has been much more valuable as a tool to validate the implementation than the TCK itself.

I'm really glad they helped ;)

 

Having said that, the documentation does really seem to be missing a section about custom JACC providers so I went to check the TCK setup. It looks like the TCK JACC providers are bundled in a jar and this jar is being set as a resource of the org.jboss.as.security module. I'm not sure why it was done this way but I believe it should be also possible to define your own module containing the classes and then wire it to the security module as a dependency instead of a resource.

Hmmm, how would one go about doing that exactly? I think I created a module for my custom JACC provider, then set that as a dependency for the security module (since that was the place the default implementation lives), but it again did not work (class not found exceptions). Could well be the case that I did something wrong, so an example would be great.

Kind regards,
Arjan Tijms

 



Those properties are of course supported, but where does one put the classes (or jar containing these classes)? I tried for hours at end and asked in the JBoss forum, but it never became clear. The documentation doesn't mention it either. See this for my question about this: https://developer.jboss.org/thread/254106

Would be really cool if the location could become clear. Thanks!

Kind regards,
Arjan Tijms


















 


Kind regards,
Arjan Tijms


_______________________________________________
wildfly-dev mailing list
wildfly-dev@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/wildfly-dev


_______________________________________________
wildfly-dev mailing list
wildfly-dev@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/wildfly-dev