-
Language:
English
-
Language:
English
Red Hat Training
A Red Hat training course is available for Red Hat JBoss Data Virtualization
7.4. Configuring the Caller Identity Login Module
Procedure 7.1. Configure the Caller Identity Login Module
Create the Login Module
Configure authentication modules using the Management Console according to the following specification:<security-domain name="my-security-domain" cache-type="default"> <authentication> <login-module code="org.picketbox.datasource.security.CallerIdentityLoginModule" module="org.picketbox" flag="required"> <module-option name="password-stacking" value="useFirstPass"/> <module-option name="userName" value="guest"/> <module-option name="password" value="guest"/> </login-module> </authentication> </security-domain>
Configure the Data Source
Configure the datasource according to the following specification.<datasource jndi-name="java:/mysql-ds" pool-name="mysql-ds" enabled="true"> <connection-url>jdbc:mysql://localhost:3306/txns</connection-url> <driver>mysql</driver> <pool><allow-multiple-users/></pool> <security> <security-domain>my-security-domain</security-domain> </security> </datasource>
Configure the Connection Factory
Configure the resource adapter according to the following specification:<resource-adapter> <archive>teiid-connector-ldap.rar</archive> <transaction-support>NoTransaction</transaction-support> <connection-definitions> <connection-definition class-name="org.teiid.resource.adapter.ldap.LDAPManagedConnectionFactory" jndi-name="java:/ldapDS" enabled="true" use-java-context="true" pool-name="ldap-ds"> <config-property name="LdapUrl">ldap://ldapServer:389</config-property> <config-property name="LdapAdminUserDN">cn=???,ou=???,dc=???</config-property> <config-property name="LdapAdminUserPassword">pass</config-property> <config-property name="LdapTxnTimeoutInMillis">-1</config-property> <security> <security-domain>my-security-domain</security-domain> </security> </connection-definition> </connection-definitions> </resource-adapter>
Result
When a user logs in with a password, the same password will also be set on the logged in Subject after authentication. These credentials can be extracted by the data source by asking for Subject's private credentials.