Migrating “Security Domain” from JBoss 5.1.0 to WildFly

I am migrating a JBoss 5.1.0 app to WildFly 8.1.0. In my jboss-web.xml I have the following element:

<security-domain>java:/jaas/myApp</security-domain>

However, the schema http://www.jboss.org/j2ee/schema/jboss-web_5_1.xsd does not support this element, causing:

cvc-complex-type.2.4.a: Invalid content was found starting with element 'security-domain'.

The security domain is related to this application policy:

<application-policy name="myApp">
    <authentication>
        <login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="required">
            <module-option name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option>
            <module-option name="java.naming.provider.url">ldap://example.com:389</module-option>
            <module-option name="java.naming.security.authentication">simple</module-option>
            <module-option name="bindDN">"DOMAIN"\username</module-option>
            <module-option name="bindCredential">credential</module-option>
            <module-option name="baseCtxDN">OU=aaaaa,OU=bbbbb,DC=cccc,DC=dddd,DC=com,DC=br</module-option>
            <module-option name="baseFilter">(sAMAccountName={0})</module-option>
            <module-option name="rolesCtxDN">OU=aaaaa,OU=bbbbb,DC=cccc,DC=dddd,DC=com,DC=br</module-option>
            <module-option name="roleFilter">(member={1})</module-option>
            <module-option name="roleAttributeIsDN">true</module-option>
            <module-option name="roleNameAttributeID">cn</module-option>
            <module-option name="searchTimeLimit">30000</module-option>
            <module-option name="searchScope">SUBTREE_SCOPE</module-option>
            <module-option name="allowEmptyPasswords">false</module-option>
        </login-module>
    </authentication>
</application-policy>

How can I rewrite this to make my app "WildFly deployable"?

Two issues I can see:

  1. In WildFly 8 security domains no longer use the prefix java:/jaas/ in their names. Remove this prefix from the security domain configurations in jboss-web.xml for web applications and jboss.xml for enterprise applications.

  2. You need to set your LdapExtLoginModule in a security-domain. Here you will find the LDAP setup in the developer guide (migrating from AS5/AS6) https://docs.jboss.org/author/display/WFLY8/How+do+I+migrate+my+application+from+AS5+or+AS6+to+WildFly#HowdoImigratemyapplicationfromAS5orAS6toWildFly-ConfigureLDAPsecurityrealmchanges

There is more information in the guide for migrating your JBoss AS5/AS6 application to WildFly in case you run into more issues.
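
The two changes from the answer applied to the question's configuration, as an added example (not part of the original post or the WildFly guide). It assumes a standalone.xml profile using the security subsystem and keeps the question's placeholder values; module options move from element text to `value` attributes, so the double quotes in `bindDN` have to be escaped.

```xml
<!-- Fragment 1: standalone.xml, placed inside <security-domains> of the security subsystem.
     The domain name is the old application-policy name. -->
<security-domain name="myApp" cache-type="default">
    <authentication>
        <login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="required">
            <module-option name="java.naming.factory.initial" value="com.sun.jndi.ldap.LdapCtxFactory"/>
            <module-option name="java.naming.provider.url" value="ldap://example.com:389"/>
            <module-option name="java.naming.security.authentication" value="simple"/>
            <!-- Quotes inside an attribute value must be written as &quot; -->
            <module-option name="bindDN" value="&quot;DOMAIN&quot;\username"/>
            <module-option name="bindCredential" value="credential"/>
            <module-option name="baseCtxDN" value="OU=aaaaa,OU=bbbbb,DC=cccc,DC=dddd,DC=com,DC=br"/>
            <module-option name="baseFilter" value="(sAMAccountName={0})"/>
            <module-option name="rolesCtxDN" value="OU=aaaaa,OU=bbbbb,DC=cccc,DC=dddd,DC=com,DC=br"/>
            <module-option name="roleFilter" value="(member={1})"/>
            <module-option name="roleAttributeIsDN" value="true"/>
            <module-option name="roleNameAttributeID" value="cn"/>
            <module-option name="searchTimeLimit" value="30000"/>
            <module-option name="searchScope" value="SUBTREE_SCOPE"/>
            <module-option name="allowEmptyPasswords" value="false"/>
        </login-module>
    </authentication>
</security-domain>

<!-- Fragment 2: WEB-INF/jboss-web.xml, referencing the domain by name
     with the java:/jaas/ prefix removed -->
<jboss-web>
    <security-domain>myApp</security-domain>
</jboss-web>
```

With `java.naming.security.authentication` set to `simple` and an `ldap://` URL on port 389, the bind password and the users' passwords cross the network unencrypted. `bindCredential` also sits in clear text in standalone.xml, so read access to that file should be restricted.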
