How to migrate JaaS security implementation from EAP 5.x to EAP 6.x for use in JBoss BPM Suite
Issue
- For migration from BPM/EAP 5.x to 6.x, how can JaaS security be replicated to configure users/roles in 6.x in an equivalent way to which it is done using the login-config.xml file from 5.x? The content of a login-config.xml file might look like:
<?xml version="1.0" encoding="UTF-8"?>
<policy>
<application-policy name="jsec">
<authentication>
<login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required">
<module-option name="dsJndiName">java:/JsecDS</module-option>
<module-option name="principalsQuery">SELECT PASSWORD_ FROM JSEC_ID_USER WHERE NAME_=?</module-option>
<module-option name="rolesQuery">SELECT g.NAME_ ,'Roles' FROM JSEC_ID_USER u, JSEC_ID_MEMBERSHIP m, JSEC_ID_GROUP g WHERE g.TYPE_=? AND m.GROUP_ = g.ID_ AND m.USER_ = u.ID_ AND u.NAME_=?</module-option>
</login-module>
</authentication>
</application-policy>
<!--Loaded from orignal file: old/login-config.xml-->
<application-policy name="client-login">
<authentication>
<login-module code="org.jboss.security.ClientLoginModule" flag="required">
<!-- Any existing security context will be restored on logout -->
<module-option name="restore-login-identity">true</module-option>
</login-module>
</authentication>
</application-policy>
<!--- - - - -->
Environment
- Red Hat JBoss Business Process Management (BPM) Suite 6.x
- Red Hat JBoss Enterprise Application Platform (EAP) 6.x
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.
