Show Table of Contents
6.4. Configuring the Caller Identity Login Module
Procedure 6.1. Configure the Caller Identity Login Module
Create the Login Module
Configure authentication modules using the Management Console according to the following specification:<security-domain name="my-security-domain" cache-type="default"> <authentication> <login-module code="org.picketbox.datasource.security.CallerIdentityLoginModule" module="org.picketbox" flag="required"> <module-option name="password-stacking" value="useFirstPass"/> <module-option name="userName" value="guest"/> <module-option name="password" value="guest"/> </login-module> </authentication> </security-domain>Configure the Data Source
Configure the datasource according to the following specification.<datasource jndi-name="java:/mysql-ds" pool-name="mysql-ds" enabled="true"> <connection-url>jdbc:mysql://localhost:3306/txns</connection-url> <driver>mysql</driver> <pool><allow-multiple-users/></pool> <security> <security-domain>my-security-domain</security-domain> </security> </datasource>Configure the Connection Factory
Configure the resource adapter according to the following specification:<resource-adapter> <archive>teiid-connector-ldap.rar</archive> <transaction-support>NoTransaction</transaction-support> <connection-definitions> <connection-definition class-name="org.teiid.resource.adapter.ldap.LDAPManagedConnectionFactory" jndi-name="java:/ldapDS" enabled="true" use-java-context="true" pool-name="ldap-ds"> <config-property name="LdapUrl">ldap://ldapServer:389</config-property> <config-property name="LdapAdminUserDN">cn=???,ou=???,dc=???</config-property> <config-property name="LdapAdminUserPassword">pass</config-property> <config-property name="LdapTxnTimeoutInMillis">-1</config-property> <security> <security-domain>my-security-domain</security-domain> </security> </connection-definition> </connection-definitions> </resource-adapter>
Result
When a user logs in with a password, the same password will also be set on the logged in Subject after authentication. These credentials can be extracted by the data source by asking for Subject's private credentials.
Where did the comment section go?
Red Hat's documentation publication system recently went through an upgrade to enable speedier, more mobile-friendly content. We decided to re-evaluate our commenting platform to ensure that it meets your expectations and serves as an optimal feedback mechanism. During this redesign, we invite your input on providing feedback on Red Hat documentation via the discussion platform.