EAP6 fall back to security-domain "other"
Issue
-
Does EAP-6 fallback to
"other"security-domain when a misspelled security domain is encountered in jboss-web.xml ? -
If the name of security-domain specified in jboss-web.xml doesn't exist in the security subsystem, the WAR deployment is stopped with the following error :
19:47:44,658 INFO [org.jboss.as.server.deployment] (MSC service thread 1-4) JBAS015876: Starting deployment of "FormBasedSecurity.war" (runtime-name: "FormBasedSecurity.war")
19:47:45,105 ERROR [org.jboss.as.server] (DeploymentScanner-threads - 2) JBAS015870: Deploy of deployment "FormBasedSecurity.war" was rolled back with the following failure message: {"JBAS014771: Services with missing/unavailable dependencies" => ["jboss.web.deployment.default-host./FormBasedSecurity.realm is missing [jboss.security.security-domain.secure1111]"]}
19:47:45,123 INFO [org.jboss.as.server.deployment] (MSC service thread 1-1) JBAS015877: Stopped deployment FormBasedSecurity.war (runtime-name: FormBasedSecurity.war) in 18ms
- What happens if a security-domain is not specified in the web-application's jboss-web.xml and have the following configuration in web.xml:
<security-constraint>
<web-resource-collection>
<web-resource-name>MySecuredResource-1</web-resource-name>
<url-pattern>/secured/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>someRole</role-name>
</auth-constraint>
</security-constraint>
...
<login-config>
<auth-method>FORM</auth-method>
...
</login-config>
...
<security-role>
<role-name>someRole</role-name>
</security-role>
Environment
- JBoss Enterprise Application Platform (EAP)
- 6.x
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.
Close
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.