Why can't the JBoss EAP SAML2STSLoginModule be configured with login module options instead of configFile?
Issue
Why can't the JBoss EAP SAML2STSLoginModule be configured with login module options instead of configFile?
We are using the org.picketlink.identity.federation.bindings.jboss.auth.SAML2STSLoginModule for an EJB. The client sends the SAML Assertion obtained from picketlink STS (based on the quickstarts STS) as credential. Everything works well using the module-option "configFile" and a file "sts-config.properties". We want to set the password for the STS user needed to verify the assertion using JBoss vault, I tested the module-options "serviceName", "portName", "endpointAddress", "username" and "password" but it doesn't work.
<security-domain name="sts" cache-type="default">
<authentication>
<login-module code="org.picketlink.identity.federation.bindings.jboss.auth.SAML2STSLoginModule" flag="required" module="org.picketlink">
<module-option name="serviceName" value="PicketLinkSTS"></module>
<module-option name="portName" value="PicketLinkSTSPort"></module>
<module-option name="endpointAddress" value="http://localhost:8080/picketlink-sts/PicketLinkSTS"></module>
<module-option name="username" value="admin"></module>
<module-option name="password" value="admin"></module>
<login-module></login>
<authentication></authentication>
<security-domain></security>
Environment
- Red Hat JBoss Enterprise Application Platform
- 6.4.x
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.
