I have been trying to use a custom class(CustomLoginModule) that implements javax.security.auth.spi.LoginModule and deploy it in wildfly 10. I have put the configurations in standalone.xml stated as below. I am not able to figure out the cause why the CustomLoginModule never gets invoked. I have enabled trace and able to figure out the class gets loaded from the modules directory of Wildfly10.
Standalone configuration:
<security-domain name="xxxx">
<authentication>
<login-module code="com.test.CustomLoginModule" flag="required">
<module-option name="userQuery" value="select USER_ID from FH_USER_TE where USER_ID=? and PASSWORD=?"/>
<module-option name="roleQuery" value="select ROLE from FH_USER_TE where USER_ID=?"/>
</login-module>
</authentication>
It would be great if I can get some advice/suggestions here to make it move forward.
The same worked perfectly in TOMCAT 8
Thanks, Dwaipayan
I am able to invoke my CustomLoginModule Successfully by removing the jar from the modules directory of Wildfly 10. The .war bundles the CustomLoginModule class . I am not sure if this is the right way but it works. The options in CustomLoginModule although comes as "jboss.security.security_domain=fusionHiringLoginModule".
the sql queries have to be a part of module-option as below
<security-domain name="xxxxx" cache-type="default">
<authentication>
<login-module code="com.test.CustomLoginModule" flag="required">
<module-option name="userQuery" value="select userId from tableName where USER_ID=? and PASSWORD=?" />
<module-option name="roleQuery" value="select role from table where USER_ID=?" />
</login-module>
</authentication>
</security-domain>
Thanks
Dwaipayan