Chapter 11. Securing JBoss EAP 6

11.1. About the Security Subsystem

The security subsystem provides security infrastructure for applications. The subsystem uses a security context associated with the current request to expose the capabilities of the authentication manager, authorization manager, audit manager, and mapping manager to the relevant container.
The security subsystem is preconfigured by default, so security elements rarely need to be changed. The only security element that may need to be changed is whether to use deep-copy-subject-mode. In most cases, administrators will focus on the configuration of security domains.
Deep Copy Mode

See Section 11.4, “About Deep Copy Subject Mode” for details about deep copy subject mode.

Security Domain

A security domain is a set of Java Authentication and Authorization Service (JAAS) declarative security configurations which one or more applications use to control authentication, authorization, auditing, and mapping. Three security domains are included by default: jboss-ejb-policy, jboss-web-policy, and other. You can create as many security domains as you need to accommodate your application requirements. See Section 11.6.12, “Use a Security Domain in Your Application” for details about security domain.