Bug 1124384

Summary: [Doc Bug Fix] JASPI documentation is not sufficient
Product: [JBoss] JBoss Enterprise Application Platform 6 Reporter: Josef Cacek <jcacek>
Component: DocumentationAssignee: Zach Rhoads <zrhoads>
Status: CLOSED DEFERRED QA Contact: Russell Dickenson <rdickens>
Severity: urgent Docs Contact:
Priority: unspecified    
Version: 6.3.0CC: anrobert, dmichael
Target Milestone: ---Keywords: Documentation, Triaged
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Build Name: 22558, Security Guide-6.3-1 Build Date: 29-07-2014 11:26:08 Topic ID: 4934-591678 [Specified]
Last Closed: 2015-10-27 20:44:03 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Josef Cacek 2014-07-29 11:40:07 UTC 
Chapter "Configure Java Authentication SPI for Containers (JASPI) Security" is not sufficient. An important piec of configuration is missing there.

Please fix following two points:

1) There has to be information about configuration of Valve which enables JASPI authentication. You can use community wiki as a starting point:
https://community.jboss.org/wiki/JBossAS7EnablingJASPIAuthenticationForWebApplications

2) Use CLI commands instead of XML fragments to describe how to configure a security domain with JASPI authentication.
E.g:

/subsystem=security/security-domain=jaspi-test:add(cache-type=default)
/subsystem=security/security-domain=jaspi-test/authentication=jaspi:add
/subsystem=security/security-domain=jaspi-test/authentication=jaspi/auth-module=basic-auth-module:add(code="org.jboss.as.web.security.jaspi.modules.HTTPBasicServerAuthModule", flag="required", login-module-stack-ref="lm-stack")
/subsystem=security/security-domain=jaspi-test/authentication=jaspi/login-module-stack=lm-stack:add
/subsystem=security/security-domain=jaspi-test/authentication=jaspi/login-module-stack=lm-stack/login-module=users:add(code="UsersRoles", flag="required", module-options=[("usersProperties"=>"${jboss.server.config.dir}/jaspi-users.properties"), ("rolesProperties"=>"${jboss.server.config.dir}/jaspi-roles.properties")])
reload
Comment 2 Deon Ballard 2015-06-22 21:54:05 UTC 
Reassigning all EAP 6 bugs to Dawn as the new strategist.
Comment 3 anrobert 2015-10-27 20:44:03 UTC 
Moved to JIRA: https://issues.jboss.org/browse/JBEAP-1670