How to add a custom login module in JBoss EAP 6/EAP 7
Environment
- Red Hat JBoss Enterprise Application Platform (EAP)
- 6
- 7
Issue
- How to add a custom login module in JBoss EAP 6/EAP 7?
- Getting classpath issues after adding custom login module. How to add the custom-login module such that it will resolve the dependencies with other api ?
Resolution
1) Add the custom login module as a JBoss module
a. Create the modules directory structure
cd $JBOSS_HOME
mkdir -p modules/org/jboss/example/main
Note that 6.1.x and up uses a module directory of "modules/system/layers/base" but this is meant for JBoss use only. For custom or 3rd party modules you should keep using "modules".
b. Create the module.xml file:
<?xml version="1.0" encoding="UTF-8"?>
<module xmlns="urn:jboss:module:1.1" name="org.jboss.example">
<resources>
<resource-root path="example-custom-principal.jar"/>
</resources>
<dependencies>
<module name="javax.api"/>
<module name="javax.persistence.api"/>
<module name="javax.resource.api"/>
<module name="javax.security.auth.message.api"/>
<module name="javax.security.jacc.api"/>
<module name="javax.servlet.api"/>
<module name="javax.transaction.api"/>
<module name="javax.xml.bind.api"/>
<module name="javax.xml.stream.api"/>
<module name="org.jboss.logging"/>
<module name="org.infinispan"/>
<module name="org.picketbox"/>
</dependencies>
</module>
c. Copy the jar containing the custom login module to the directory created in step 1
cp ~/dev/security/example-custom-principal.jar $JBOSS_HOME/modules/org/jboss/example/main
The equivalent jboss-cli command is as follows
module add --name=org.jboss.example --resources=/path/to/example-custom-principal.jar --dependencies=javax.api,javax.persistence.api,javax.resource.api,javax.security.auth.message.api,javax.security.jacc.api,javax.servlet.api,javax.transaction.api,javax.xml.bind.api,javax.xml.stream.api,org.jboss.logging,org.infinispan,org.picketbox
2) Configure the security domain to use the custom login module:
<subsystem xmlns="urn:jboss:domain:security:1.1">
<security-domains>
<security-domain name="jmx-console" cache-type="default">
<authentication>
<!-- FIXME: notice the 'module' attribute -->
<login-module module="org.jboss.example" code="org.jboss.example.CustomLoginModule" flag="required"/>
</authentication>
</security-domain>
</security-domains>
</subsystem>
Notes:
-
All useful information that needs to be considered when developing a Custom Login Module is fully covered in the Development Guide of Red Hat JBoss Enterprise Application Platform 6.4: #18.3.2. Custom Modules.
-
This tutorial from the
mastertheboss.comwebsite provides a simple walk through and steps guidance for Creating a Custom JBoss Login Module.
This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.