Hello everyone,
I'm doing a comparison between the different server configuration
files generated in normal distribution and servlet-distribution,
basically working on [1].
The security subsystem in the servlet distribution does not have
these security domains configured whereas they are in the normal
distribution:
<subsystem
xmlns="urn:jboss:domain:security:2.0">
<security-domains>
...
<security-domain name="jboss-web-policy"
cache-type="default">
<authorization>
<policy-module code="Delegating"
flag="required"/>
</authorization>
</security-domain>
<security-domain name="jboss-ejb-policy"
cache-type="default">
<authorization>
<policy-module code="Delegating"
flag="required"/>
</authorization>
</security-domain>
<security-domain name="jaspitest" cache-type="default">
<authentication-jaspi>
<login-module-stack name="dummy">
<login-module code="Dummy" flag="optional"/>
</login-module-stack>
<auth-module code="Dummy"/>
</authentication-jaspi>
</security-domain>
<security-domains>
I understand jboss-ejb-policy should not be configured because the
servlet-distribution does not use ejbs, but what about jaspitest?
I have no clue if it has to be included or not in the
servlet-distribution.
Do you know if we should include it?
Regards,
Yeray
[1] https://issues.jboss.org/browse/WFLY-10421