Configuring composite-store using aggregate realm with Elytron

Solution Verified - Updated -


  • Provide one identity store for authentication and another for authorization information
  • Map properties file roles to an LDAP user / token realm
  • Configure a composite-store or aggregate-realm
  • Do the equivalent of password stacking: password-stacking = useFirstPass


  • Red Hat JBoss Enterprise Application Platform (EAP)
    • 7.1 or later
  • Elytron
  • Two identity stores: one for authentication and one for authorization.

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In