How to migrate JaaS security implementation from EAP 5.x to EAP 6.x for use in JBoss BPM Suite

Solution In Progress - Updated -

Issue

  • For migration from BPM/EAP 5.x to 6.x, how can JaaS security be replicated to configure users/roles in 6.x in an equivalent way to which it is done using the login-config.xml file from 5.x? The content of a login-config.xml file might look like:
<?xml version="1.0" encoding="UTF-8"?>
<policy>
   <application-policy name="jsec">
      <authentication>
         <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required">
            <module-option name="dsJndiName">java:/JsecDS</module-option>
            <module-option name="principalsQuery">SELECT PASSWORD_ FROM JSEC_ID_USER WHERE NAME_=?</module-option>
            <module-option name="rolesQuery">SELECT g.NAME_ ,'Roles' FROM JSEC_ID_USER u, JSEC_ID_MEMBERSHIP m, JSEC_ID_GROUP g WHERE g.TYPE_=? AND m.GROUP_ = g.ID_ AND m.USER_ = u.ID_ AND u.NAME_=?</module-option>
         </login-module>
      </authentication>
   </application-policy>
<!--Loaded from orignal file: old/login-config.xml-->
   <application-policy name="client-login">
      <authentication>
         <login-module code="org.jboss.security.ClientLoginModule" flag="required">
<!-- Any existing security context will be restored on logout -->
            <module-option name="restore-login-identity">true</module-option>
         </login-module>
      </authentication>
   </application-policy>
<!--- - - - -->

Environment

  • Red Hat JBoss Business Process Management (BPM) Suite 6.x
  • Red Hat JBoss Enterprise Application Platform (EAP) 6.x

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In
Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.