1000185 – The JASPI auth-module configuration does not support a "module" attribute

Bug 1000185 - The JASPI auth-module configuration does not support a "module" attribute

Summary: The JASPI auth-module configuration does not support a "module" attribute

Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	JBoss Enterprise Application Platform 6
Classification:	JBoss
Component:	Security
Sub Component:
Version:	6.1.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	DR0
Target Release:	EAP 6.3.0
Assignee:	Stefan Guilhen
QA Contact:	Josef Cacek
Docs Contact:
URL:
Whiteboard:
Keywords:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2013-08-22 21:42 UTC by Derek Horton
Modified:	2017-10-10 00:13 UTC (History)
CC List:	4 users (show)
Doc Type:
Doc Text:	(edit) In previous versions of JBoss EAP 6, the JASPIC auth-module configuration in the security subsystem was ignoring the "module" attribute. This attribute tells PicketBox where to load custom auth-module classes from. As a result, custom JASPIC auth-modules could not be configured as PicketBox was unable to determine the jboss module that should be used. As the module attribute already exists in the security subsystem schema, the fix involved adding code in the security subsystem to handle this attribute, allowing PicketBox to correctly load custom modules. As a result, users can now configure custom JASPIC auth-modules by using the "module" attribute to indicate the jboss-module that contains the custom module class. In previous versions of JBoss EAP 6, the JASPIC auth-module configuration in the security subsystem was ignoring the "module" attribute. This attribute tells PicketBox where to load custom auth-module classes from. As a result, custom JASPIC auth-modules could not be configured as PicketBox was unable to determine the jboss module that should be used. As the module attribute already exists in the security subsystem schema, the fix involved adding code in the security subsystem to handle this attribute, allowing PicketBox to correctly load custom modules. As a result, users can now configure custom JASPIC auth-modules by using the "module" attribute to indicate the jboss-module that contains the custom module class.
Clone Of:
Environment:	(edit)
Last Closed:	2014-06-28 15:29:37 UTC
Type:

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

External Trackers
Tracker	ID	Priority	Status	Summary	Last Updated
JBoss Issue Tracker	WFLY-2108	Major	Resolved	The JASPI auth-module configuration does not support a "module" attribute	2014-09-02 23:33:24 UTC

Description Derek Horton 2013-08-22 21:42:51 UTC

Description of problem:
The JASPI auth-module configuration does not support a "module" attribute.  This means that when using a custom JASPI module you will need to configure the application to depend on the custom module, make the JASPI module a global module or add the JASPI class to the picketbox module.

I think the JASPI auth-module should support a "module" attribute so that a user can specify which module contains a custom JASPI module.

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:

Comment 1 JBoss JIRA Server 2013-11-07 23:55:08 UTC

Stefan Guilhen <sguilhen@redhat.com> made a comment on jira WFLY-2108

The module attribute exists in the XSD but is missing in the JASPIMappingModuleDefinition. I've updated the model and related transformers to allow configuration of custom auth-modules.

Comment 2 Kabir Khan 2013-12-18 09:38:30 UTC

https://github.com/jbossas/jboss-eap/pull/680/files

Comment 3 Ondrej Lukas 2014-02-25 09:40:25 UTC

Verified on EAP 6.3.0.DR0.

Comment 4 Scott Mumford 2014-07-17 04:10:12 UTC

Making public for visibility in 6.3.0 Release Notes.

Note You need to log in before you can comment on or make changes to this bug.