jeudi 28 mai 2015

"Forbidden" in Custom Login Module in Wildfly

I have configured custom login module

Added an Application user "jmsuser" in group "guest" for realm ApplicationRealm. But still I am getting "Forbidden" in the resultant page.

Standalone-full.xml

<default-security-domain value="MyLoginModule"/>
<security-domain name="MyLoginModule" cache-type="default">
                    <authentication>
                        <login-module code="com.auth.MyLoginModule" flag="required"/>
                    </authentication>
</security-domain>

Web.xml

<security-role>  
    <role-name>guest</role-name>  
</security-role>  
<security-constraint>  
    <web-resource-collection>  
        <web-resource-name></web-resource-name>  
        <url-pattern>/*</url-pattern>  
        <http-method>GET</http-method> 
    <http-method>POST</http-method> 
    </web-resource-collection>  
    <auth-constraint>  
        <role-name>guest</role-name>  
    </auth-constraint>  
</security-constraint>  
<login-config>  
    <auth-method>BASIC</auth-method>  
<realm-name>MyLoginModule</realm-name>
</login-config>

jboss-web.xml

<?xml version="1.0" encoding="UTF-8"?>
<jboss-web> 
    <security-domain>MyLoginModule</security-domain> 
</jboss-web>

MyLoginModule.java

public boolean login() throws LoginException
    {
//returns true;
}

Audit.log

11:17:51,560 TRACE [org.jboss.security] (default task-2) PBOX000224: End getAppConfigurationEntry(MyLoginModule), AuthInfo: AppConfigurationEntry[]:
[0]
LoginModule Class: com.auth.MyLoginModule
ControlFlag: LoginModuleControlFlag: required
Options:

11:19:16,232 TRACE [org.jboss.security] (default task-2) PBOX000210: defaultLogin, login context: javax.security.auth.login.LoginContext@8ba05ec, subject: Subject(1075984995).principals=com.auth.MyLoginModulePrincipal@1936852516(MyLoginModulePrincipal:  jmsuser)
11:19:18,863 TRACE [org.jboss.security] (default task-2) PBOX000207: updateCache, input subject: Subject(1075984995).principals=com.auth.MyLoginModulePrincipal@1936852516(MyLoginModulePrincipal:  jmsuser), cached subject: Subject(689516194).principals=com.auth.MyLoginModulePrincipal@1936852516(MyLoginModulePrincipal:  jmsuser)
11:19:18,865 TRACE [org.jboss.security] (default task-2) PBOX000208: Inserted cache info: org.jboss.security.authentication.JBossCachedAuthenticationManager$DomainInfo@6a06d399
11:19:18,866 TRACE [org.jboss.security] (default task-2) PBOX000201: End isValid, result = true
11:19:18,879 TRACE [org.jboss.security] (default task-2) PBOX000354: Setting security roles ThreadLocal: null

Aucun commentaire:

Enregistrer un commentaire