WildFly 27 alpha: do I need to disable integrated-jaspi?


Andrew Hughes

Sep 25, 2022, 1:11:33 PM
to WildFly
Hello,

I'm working on a simple proof-of-concept servlet for WildFly 27 alpha5 with Jakarta EE 10. I was looking at some other example code and saw the following configuration that seems to be disabling integrated JASPI in the JBoss/Undertow server.

Is this still necessary?

<plugin>
    <groupId>org.wildfly.plugins</groupId>
    <artifactId>wildfly-maven-plugin</artifactId>
    <version>${wildfly-maven-plugin.version}</version>
    <configuration>
        <commands>
            <command>/subsystem=undertow/application-security-domain=other:write-attribute(name=integrated-jaspi, value=false)</command>
            <command>reload</command>
        </commands>
    </configuration>
</plugin>

Darran Lofthouse

Sep 26, 2022, 10:46:34 AM
to WildFly
For now, yes, it is needed; we do still want to revisit this part.

When an identity is established using Jakarta Authentication, we attempt to map it to an identity in the underlying security domain, i.e. we can use the standard callbacks and support things like password validation. Turning off integrated-jaspi means an ad-hoc identity is created instead and the ServerAuthModule takes responsibility for all validation of credentials etc.
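
To illustrate the second case described in the reply above (integrated-jaspi set to false, with the ServerAuthModule responsible for all credential validation), here is an added example that is not part of the thread and not WildFly's own code: a Jakarta Authentication 3.0 module that verifies HTTP Basic credentials itself and then establishes the ad-hoc identity through the standard callbacks. The class name, the `Users` group, the salt and the in-memory store are assumptions made for the example; it challenges every request and does not look at the isMandatory policy.

```java
import jakarta.security.auth.message.*;
import jakarta.security.auth.message.callback.*;
import jakarta.security.auth.message.module.ServerAuthModule;
import jakarta.servlet.http.*;
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.*;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.security.auth.Subject;
import javax.security.auth.callback.*;

public class AdHocBasicAuthModule implements ServerAuthModule {
    private static final byte[] SALT = "constructed-demo-salt".getBytes(StandardCharsets.UTF_8);
    // Added example, constructed demo store (user -> PBKDF2 hash); a real module loads hashes from storage.
    private static final Map<String, byte[]> STORE = Map.of("alice", hash("demo-only-password".toCharArray()));
    private CallbackHandler handler; // container-supplied; turns callbacks into the caller identity

    public void initialize(MessagePolicy rq, MessagePolicy rs, CallbackHandler h, Map<String, Object> o) { handler = h; }
    public Class<?>[] getSupportedMessageTypes() { return new Class<?>[] { HttpServletRequest.class, HttpServletResponse.class }; }
    public AuthStatus validateRequest(MessageInfo info, Subject client, Subject service) throws AuthException {
        HttpServletRequest request = (HttpServletRequest) info.getRequestMessage();
        HttpServletResponse response = (HttpServletResponse) info.getResponseMessage();
        String header = request.getHeader("Authorization");
        try {
            if (header != null && header.startsWith("Basic ")) {
                String[] up = new String(Base64.getDecoder().decode(header.substring(6)), StandardCharsets.UTF_8).split(":", 2);
                // The module checks the password itself (constant-time compare, hash always computed).
                if (up.length == 2 && MessageDigest.isEqual(STORE.get(up[0]), hash(up[1].toCharArray()))) {
                    handler.handle(new Callback[] { new CallerPrincipalCallback(client, up[0]),
                            new GroupPrincipalCallback(client, new String[] { "Users" }) });
                    return AuthStatus.SUCCESS;
                }
            }
            response.setHeader("WWW-Authenticate", "Basic realm=\"demo\"");
            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return header == null ? AuthStatus.SEND_CONTINUE : AuthStatus.SEND_FAILURE;
        } catch (Exception e) { // malformed Base64, I/O failure, or unsupported callback
            throw (AuthException) new AuthException("authentication failed").initCause(e);
        }
    }
    public AuthStatus secureResponse(MessageInfo info, Subject service) { return AuthStatus.SEND_SUCCESS; }
    public void cleanSubject(MessageInfo info, Subject subject) { if (subject != null) subject.getPrincipals().clear(); }

    static byte[] hash(char[] password) {
        try {
            PBEKeySpec spec = new PBEKeySpec(password, SALT, 210_000, 256);
            return SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256").generateSecret(spec).getEncoded();
        } catch (GeneralSecurityException e) { throw new IllegalStateException(e); }
    }
}
```

A module written for the integrated mode would hand the credential to the container with a `PasswordValidationCallback` and check `getResult()` rather than comparing hashes itself.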
