Uploaded image for project: 'WildFly'
  1. WildFly
  2. WFLY-3696

Security domain configuration doesn't allow empty or missing login-module-stack

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Major Major
    • 9.0.0.Final
    • 8.1.0.Final
    • Security
    • None

      https://bugzilla.redhat.com/show_bug.cgi?id=901075 description:

      project_key: JBPAPP6

      Adding a security domain with JASPI authentication fails if there is no (or is empty) login-module-stack. It should be possible to add custom ServerAuthModule, which doesn't use JAAS login modules.

      <security-domain name="jmx-console" cache-type="default">
	<authentication-jaspi>

		<!-- FIXME: the not empty login-module-stack must be provided even it's not used -->
		<login-module-stack name="lm-stack">
			<login-module code="UsersRoles" flag="required"/>
		</login-module-stack>

		<auth-module code="org.jboss.example.CustomServerAuthModule" flag="required">
			<module-option name="option1" value="value1" />
		</auth-module>
	</authentication-jaspi>
</security-domain>

      It should be possible to remove here the login-module-stack element.

            chaowan@redhat.com Chao Wang
            chaowan@redhat.com Chao Wang
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: