Uploaded image for project: 'WildFly'
  1. WildFly
  2. WFLY-3604

cannot use 2 login modules with the same "code" in one security domain

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Won't Do
    • Icon: Major Major
    • None
    • 9.0.0.Alpha1
    • Security
    • None
    • Hide
      1. add a new domain
        /subsystem=security/security-domain=test:add
      1. setup auth with 2 "UsersRoles", modules.
        /subsystem=security/security-domain=test/authentication=classic:add(login-modules=[{ "code" => "UsersRoles", "flag" => "required", "module-options" => { "usersProperties" => "/home/tom/etc/UsersRoles/my-users.properties", "rolesProperties" => "/home/tom/etc/UsersRoles/my-roles.properties" }},{ "code" => "UsersRoles", "flag" => "required", "module-options" => { "usersProperties" => "/home/tom/etc/UsersRoles/my-users.properties", "rolesProperties" => "/home/tom/etc/UsersRoles/my-roles.properties" }}])

      {
      "outcome" => "failed",
      "rolled-back" => true
      }

      Same thing happens with for example 2 LdapExt modules

      Modifying the xml manually and it will work fine though

      Show
      add a new domain /subsystem=security/security-domain=test:add setup auth with 2 "UsersRoles", modules. /subsystem=security/security-domain=test/authentication=classic:add(login-modules= [{ "code" => "UsersRoles", "flag" => "required", "module-options" => { "usersProperties" => "/home/tom/etc/UsersRoles/my-users.properties", "rolesProperties" => "/home/tom/etc/UsersRoles/my-roles.properties" }},{ "code" => "UsersRoles", "flag" => "required", "module-options" => { "usersProperties" => "/home/tom/etc/UsersRoles/my-users.properties", "rolesProperties" => "/home/tom/etc/UsersRoles/my-roles.properties" }}] ) { "outcome" => "failed", "rolled-back" => true } Same thing happens with for example 2 LdapExt modules Modifying the xml manually and it will work fine though
    • Hide
      • edit xml
      • create a fake login module, example:
        public class UsersRolesLoginModule2 extends
        org.jboss.security.auth.spi.UsersRolesLoginModule
        {
        }

      set it up as a module (with a picketbox dependency) and specify this class + module name for one of the login modules.

      Show
      edit xml create a fake login module, example: public class UsersRolesLoginModule2 extends org.jboss.security.auth.spi.UsersRolesLoginModule { } set it up as a module (with a picketbox dependency) and specify this class + module name for one of the login modules.

      Using the CLI to setup a security domain with two login modules with the same "code" fails.

              darran.lofthouse@redhat.com Darran Lofthouse
              tfonteyn Tom Fonteyne (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved: