On 06/08/2015 07:08 AM, arjan tijms wrote:

Theoretically, this is where JACC could come in according to the Java EE standards. This would allow you to implement your own (optimized if necessary) logic for "is user/caller in role".

However despite being Java EE 7 certified, it seems it's not actually possible to install a JACC provider on JBoss. This is a bit of a spec hole, unfortunately. Most of the code seems to be there in JBoss (WildFly), but there's just no place where you can actually put your own JACC provider.

Huh? We would not be certified if we didn't support custom providers as the TCK requires the installation of its own provider. The javax.security.jacc.PolicyConfigurationFactory.provider and javax.security.jacc.policy.provider system properties are both supported by WildFly.

Kind regards,
Arjan Tijms

wildfly-dev mailing list