-
Language:
English
-
Language:
English
Red Hat Training
A Red Hat training course is available for Red Hat JBoss Data Virtualization
4.6. Example Custom Authentication Module
Suppose you are working on a project where user names and passwords are stored in a relational database; however, the passwords are base64 encoded, so you can't use the
DatabaseServerLoginModule
module directly. You can provide a subclass:
public class MyLoginModule extends DatabaseServerLoginModule { protected String convertRawPassword(String password) { try { return new String((new sun.misc.BASE64Decoder()).decodeBuffer(password)); } catch (IOException e) { return password; } } }
To use this new module, you will need to declare a new security domain in the server configuration file:
<security-domain name="my-security-domain"> <authentication> <login-module code="com.mycompany.MyLoginModule" flag="required"> <module-option name="dsJndiName">java:MyDataSource</module-option> <module-option name="principalsQuery">select password from usertable where login=?</module-option> <module-option name="rolesQuery">select role, 'Roles' from users, userroles where login=? and users.roleId=userroles.roleId</module-option> </login-module> </authentication> </security-domain>
After that, configure the transport to use the security domain with the new authentication module:
<transport name="jdbc" protocol="teiid" socket-binding="teiid-jdbc"> <authentication security-domain="my-security-domain"/> </transport>
Note
DatabaseServerLoginModule is in the picketbox JAR (moved from jbosssx in earlier versions).
Maven pom.xml dependency example for Red Hat JBoss EAP:
<dependency> <groupId>org.picketbox</groupId> <artifactId>picketbox</artifactId> <version>4.1.1.Final-redhat-1</version> <scope>provided</scope> </dependency>