[jboss-jira] [JBoss JIRA] (WFLY-3696) Security domain configuration doesn't allow empty or missing login-module-stack
Chao Wang (JIRA)
issues at jboss.org
Thu Jul 31 03:54:29 EDT 2014
Chao Wang created WFLY-3696:
-------------------------------
Summary: Security domain configuration doesn't allow empty or missing login-module-stack
Key: WFLY-3696
URL: https://issues.jboss.org/browse/WFLY-3696
Project: WildFly
Issue Type: Bug
Security Level: Public (Everyone can see)
Components: Security
Affects Versions: 8.1.0.Final
Reporter: Chao Wang
Assignee: Chao Wang
https://bugzilla.redhat.com/show_bug.cgi?id=901075 description:
project_key: JBPAPP6
Adding a security domain with JASPI authentication fails if there is no (or is empty) login-module-stack. It should be possible to add custom ServerAuthModule, which doesn't use JAAS login modules.
{code:xml}
<security-domain name="jmx-console" cache-type="default">
<authentication-jaspi>
<!-- FIXME: the not empty login-module-stack must be provided even it's not used -->
<login-module-stack name="lm-stack">
<login-module code="UsersRoles" flag="required"/>
</login-module-stack>
<auth-module code="org.jboss.example.CustomServerAuthModule" flag="required">
<module-option name="option1" value="value1" />
</auth-module>
</authentication-jaspi>
</security-domain>
{code}
It should be possible to remove here the login-module-stack element.
--
This message was sent by Atlassian JIRA
(v6.2.6#6264)
More information about the jboss-jira
mailing list