Migrating From JBoss 5.1.0 GA to Wildfly
56 views
Skip to first unread message
Shawn White
Apr 25, 2023, 6:06:01 PM4/25/23
to WildFly
Looking for basic guidance if something is possible in Wildfly. Our current application uses JAAS, LoginModules and JBoss base classes. These JBoss LoginModule base classes are gone of course in Wildfly. Our application supports local users from via DB, LDAP, RADIUS, TACACS, and CACS. The user can switch between what they want to use with local users being a fallback. We are using JBoss's XmlLoginCofigMBean to reconfigure what LoginModule is active. Again, this MBean is not available in Wildfly.
Is there a mechanism in Elytron to dynamically (programmatically) reconfigure a security domain to include different Realms (similar to what is described above)?
LoginModule provide a Subject once authenticated, is there a way to continue using Subject and have SecurityIdentiy mapped to it? We are trying to minimize code changes if possible.
Any other general thoughts on how to try and tackle this problem?
Is there a mechanism in Elytron to dynamically (programmatically) reconfigure a security domain to include different Realms (similar to what is described above)?
LoginModule provide a Subject once authenticated, is there a way to continue using Subject and have SecurityIdentiy mapped to it? We are trying to minimize code changes if possible.
Any other general thoughts on how to try and tackle this problem?
Bartosz Baranowski
May 4, 2023, 11:49:18 AM5/4/23
to WildFly
Will custom login module + role mapper suffice?
https://docs.wildfly.org/27/wildscribe/subsystem/elytron/custom-role-mapper/index.html
https://stackoverflow.com/questions/73947956/how-to-migrate-legacy-login-module-to-jaas-realm
https://www.mastertheboss.com/jbossas/jboss-security/how-to-configure-an-elytron-jaas-security-realm/
As to retaining old code - Im honestly not sure. Though I did mock up older releases in isolated modules that served as bridge between old classes and new, though Im not sure how viable this option is here.
https://docs.wildfly.org/27/wildscribe/subsystem/elytron/custom-role-mapper/index.html
https://stackoverflow.com/questions/73947956/how-to-migrate-legacy-login-module-to-jaas-realm
https://www.mastertheboss.com/jbossas/jboss-security/how-to-configure-an-elytron-jaas-security-realm/
As to retaining old code - Im honestly not sure. Though I did mock up older releases in isolated modules that served as bridge between old classes and new, though Im not sure how viable this option is here.
Reply all
Reply to author
Forward
0 new messages