Red Hat Training

A Red Hat training course is available for Red Hat JBoss Data Virtualization

Chapter 5. Authorization Modules

5.1. Custom Authorization Modules

In situations where the JBoss Data Virtualization built-in role mechanism is not sufficient, a custom org.teiid.PolicyDecider can be installed via a JBoss module. This is a two-stage process: first you must create a jar that contains your custom class, then you must expose the jar as a JBoss module so it can be seen by all of your classes.
  1. Implement the org.teiid.PolicyDecider interface and build a custom java class. If you are using maven as your build process, you can use the following dependencies: 
    <dependencies>
      <dependency>
          <groupId>org.jboss.teiid</groupId>
             <artifactId>teiid-api</artifactId>
        <scope>provided</scope>
      </dependency>
      <dependency>
          <groupId>org.jboss.teiid</groupId>
             <artifactId>teiid-common-core</artifactId>
        <scope>provided</scope>
      </dependency>
</dependencies>
  2. The PolicyDecider interface is loaded by JBoss Data Virtualization using Java's standard service loader mechanism. For this to work, add the META-INF/services/org.teiid.PolicyDecider file with the full name of your PolicyDecider implementation class as its contents. Here is an example: 
    org.jboss.teiid.auth.MyCustomPolicyDecider
  3. Package all of these files into a JAR archive.
  4. Create a directory called [JDV_HOME]/modules/com/mycompany/main/.
  5. Copy your jar file into the newly-created directory.
  6. Create a module.xml file and also put it in the [JDV_HOME]/modules/com/mycompany/main/ directory.
    Here is an example that shows dependencies specific to JBoss Data Virtualization: 
    <?xml version="1.0" encoding="UTF-8"?>
  <module xmlns="urn:jboss:module:1.0" name="com.mycompany">
         <resources>
            <resource-root path="my_custom_policy.jar" />
            <!--add any other dependent jars here, if they are not defined as modules -->
        </resources>
    <dependencies>
        <module name="org.jboss.teiid.common-core"/>
        <module name="org.jboss.teiid.api"/>
        <module name="javax.api"/>
    </dependencies>
  </module>

    Note

    If your PolicyDecider has any third-party dependencies, add them as dependencies to the module.xml file. Ensure you list all the files required. If dependencies are missing you will be informed when you start the software.
  7. After the module has been added, edit the server configuration file (standalone.xml or its equivalent) to use your module name. The module must be added to the "teiid" subsystem: 
        
			<policy-decider-module>MODULE-NAME</policy-decider-module>
  8. Restart the system.