Chapter 7. Custom Login Modules

In cases where the login modules bundled with the JBoss EAP security framework do not meet the needs of the security environment, a custom login module implementation may be written. The org.jboss.security.AuthenticationManager requires a particular usage pattern of the Subject principals set. A full understanding of the JAAS Subject class’s information storage features and the expected usage of these features are required to write a login module that works with the org.jboss.security.AuthenticationManager. Custom login modules must be implementations of javax.security.auth.spi.LoginModule. Refer to the API documentation for more information about creating a custom authentication module.