Multiple login-config
48 views
Skip to first unread message
Mansour Al Akeel
Nov 25, 2024, 10:21:11 PM11/25/24
to WildFly
We are migrating older authentication to using bearer_token.
The current setup is using
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>my-app-domain</realm-name>
</login-config>
<auth-method>BASIC</auth-method>
<realm-name>my-app-domain</realm-name>
</login-config>
The newer one is:
<login-config>
<auth-method>BEARER_TOKEN</auth-method>
<realm-name>oauth2-cognito-realm</realm-name>
</login-config>
<auth-method>BEARER_TOKEN</auth-method>
<realm-name>oauth2-cognito-realm</realm-name>
</login-config>
To avoid breaking existing client, we would like to allow both authentication methods to co-exists, and be utilized. Since web.xml allows only one <login-config>, I started looking for ways to accomplish this through elytron components.
My understanding, http-authentication-factory allows configuring
"Mechanism Configurations". The question is how to associate the realm with the auth-method?
I am not sure how others deal with this but I feel a bit lost.
I highly appreciate an advice.
Teixi
Dec 21, 2024, 8:07:15 PM12/21/24
to WildFly
It is possible to use multiple authentication mechanisms OIDC in oidc.json file:
"enable-basic-auth" : true,
"bearer-only" : false,
Check the guide:
HTH
Reply all
Reply to author
Forward
0 new messages