[jboss-jira] [JBoss JIRA] (WFCORE-4048) Unable to configure custom security realm in deployment

Darran Lofthouse (JIRA) issues at jboss.org
Tue Aug 21 07:39:00 EDT 2018 

     [ https://issues.jboss.org/browse/WFCORE-4048?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Darran Lofthouse reassigned WFCORE-4048:
----------------------------------------

    Assignee:     (was: Darran Lofthouse)


> Unable to configure custom security realm in deployment
> -------------------------------------------------------
>
>                 Key: WFCORE-4048
>                 URL: https://issues.jboss.org/browse/WFCORE-4048
>             Project: WildFly Core
>          Issue Type: Feature Request
>          Components: Security
>    Affects Versions: 6.0.0.CR2
>            Reporter: Martin Choma
>
> Original user report [1]:
> Hello everyone, I am migrating from legacy security to Elytron, and I have a problem. Is there anyone who can help me? We have a custom login-module that queries infinispan cache (which maps simple bearer tokens to user names), and then queries the database (to get user roles), and on commit essentially wraps it up in Principal object. Elytron doesn't have login-modules, but security realms. There is no default realm that matches our desired functionality, so we need to define a new custom-realm. The problem is, security realms can be defined with classes in wildfly "modules", not deployments. And since "modules" can't contain EJB's, I can't inject neither infinispan cache nor database entity manager in the code. Please help what is the right way to go here
> I was thinking about it and I have come to conclusion that Elytron is not able to do the same as legacy. I assume that user is right that you cant use EE features in modules. And it looks to me Elytorn does not allow dependency on deployment module. Because Elytron checks existance of module in time of starting and deployment can be not loaded yet. In legacy existance verification is apparently postponed to time of usage.
> So I assume in legacy you can define custom login module in deployment (with EE annotations) and register such login module in security subsystem. And dependencies are resolved in runtime and not in boottime.
> [1] https://wildfly.hipchat.com/embedded/history/room/699248/2018/07/18?p=1&q=custom%20login%20module&t=rid-699248#71f1e936-7176-487f-82eb-8ce37ebc1977



--
This message was sent by Atlassian JIRA
(v7.5.0#75005)

More information about the jboss-jira mailing list