bserdar/jcliff

Support for authentication-jaspi

mschoepke opened this issue · 4 comments

Hi,

I need support for configuring authentication-jaspi in a security domain, like so:

<!-- Security domain "abc" configured with JASPI authentication (authentication-jaspi). -->
<security-domain name="abc" cache-type="default">
  <authentication-jaspi>
     <!-- Named stack holding a single login module ("Dummy", flag "required"). -->
     <login-module-stack name="lm-stack">
        <login-module code="Dummy" flag="required"/>
     </login-module-stack>
     <!-- login-module-stack-ref carries the name of the stack declared above ("lm-stack"). -->
     <auth-module code="com.foo.bar.SomeModule" flag="required" login-module-stack-ref="lm-stack">
        <!-- Options are name/value pairs passed to the auth module. -->
        <module-option name="foo" value="bar"/>
     </auth-module>
  </authentication-jaspi>
</security-domain>

Thanks a lot
--Markus

Try this, see if it works:
{ "security" => {
"security-domain" => {
"abc" => {
"cache-type" => "default",
"authentication" => {
"jaspi" => {
"auth-module" => {...}
"login-module" => {...}
}
}
}
...

juame commented

Hi Burak
We are trying to run the following jcliff template:

{ "security" =>
  {
    "security-domain" => {
      "abcd" => {
        "cache-type" => "default",
        "authentication" => {"jaspi" => {
            "auth-modules" => [{
                "code" => "com.example.abcd",
                "flag" => "required",
                "login-module-stack-ref" => "abcd-stack",
                "module-options" => {
                    "configuration_endpoint_url" => "https://example.com:443/abcd-service/",
                    "client_id" => "2361933560598880824923619335605988808249",
                    "client_secret" => "46325493924300150246",
                }
            }],
            "login-module-stack" => {"abcd-stack" => {
                "login-modules" => [{
                    "code" => "Dummy",
                    "flag" => "required"
                }]
            }}
        }}
      }
    }
  }
}

It should "create" the security-domain in the jcliff config (xml style):

<!-- Expected result: security domain "abcd" with JASPI authentication, one login-module stack and one auth-module. -->
<security-domain name="abcd" cache-type="default">
    <authentication-jaspi>
        <!-- The stack that the auth-module below names in login-module-stack-ref. -->
        <login-module-stack name="abcd-stack">
            <login-module code="Dummy" flag="required"/>
        </login-module-stack>
        <auth-module code="com.example.abcd" flag="required" login-module-stack-ref="abcd-stack">
            <!-- The endpoint is addressed over https on port 443. -->
            <module-option name="configuration_endpoint_url" value="https://example.com:443/abcd-service/"/>
            <module-option name="client_id" value="2361933560598880824923619335605988808249"/>
            <!-- NOTE(review): client_secret is written as a plain-text attribute value. Presumably it is a
                 credential for the endpoint above; if so, keep the literal out of shared templates and
                 issue trackers, restrict read access to the file that holds it, and check whether this
                 module option accepts an expression (vault or system property) in place of the literal. -->
            <module-option name="client_secret" value="46325493924300150246"/>
        </auth-module>
    </authentication-jaspi>
</security-domain>

Problem: the login-module-stack is missing from the resulting security domain.
CLI output of `/subsystem=security/security-domain=abcd:read-resource(recursive=true)`: `"login-module-stack" => undefined`

Thanks!

This should be fixed in 2.10.1; please let me know whether it works for you.

juame commented

@bserdar it's fixed! Awesome! Thank you!