spnego-wildfly

SPNEGO alternative for WildFly, based on spnego.sourceforge.net

Installation

  • Add krb5.conf to JBOSS_HOME/bin

      [libdefaults]
        default_tkt_enctypes = aes128-cts rc4-hmac des3-cbc-sha1 des-cbc-md5 des-cbc-crc
        default_tgs_enctypes = aes128-cts rc4-hmac des3-cbc-sha1 des-cbc-md5 des-cbc-crc
        permitted_enctypes   = aes128-cts rc4-hmac des3-cbc-sha1 des-cbc-md5 des-cbc-crc
        dns_lookup_realm = false
    
      [realms]
           ...
      [domain_realm]
           ...
    
  • Add system properties (standalone.xml or standalone.conf ...)

      <system-properties>
        <property name="sun.security.krb5.debug"   value="false"/>
        <property name="java.security.krb5.kdc"    value="kdc-FQN"/>
        <property name="java.security.krb5.realm"  value="DOMAIN.TLD"/>
        <!-- krb5.conf in JBOSS_HOME/bin or full path -->
        <property name="java.security.krb5.conf"   value="krb5.conf"/>
        <!-- using preauth without keytab -->
        <property name="spnego.preauth.username" value="[email protected]"/>
        <property name="spnego.preauth.password" value="secret"/>
      </system-properties>
    
  • Add login modules to standalone.xml:

      <security-domain name="spnego-server">
        <authentication>
          <login-module code="com.sun.security.auth.module.Krb5LoginModule" flag="required">
            <module-option name="storeKey" value="true"/>
            <!--
            <module-option name="useKeyTab" value="true"/>
            <module-option name="keyTab"    value="path-to-keytab"/>
            <module-option name="principal" value="keytab-principal"/>
            -->
          </login-module>
        </authentication>
      </security-domain>
      <security-domain name="spnego-roles" cache-type="default">
        <authentication>
          <login-module code="de.ctrlaltdel.SpnegoAckLoginModule" flag="required"/>
          <!-- simple UsersRoles or LDAP etc. -->
          <login-module code="UsersRoles" flag="sufficient">
            <module-option name="password-stacking" value="useFirstPass"/>
            <module-option name="usersProperties"   value="spnego-users.properties"/>
            <module-option name="rolesProperties"   value="spnego-roles.properties"/>
          </login-module>
        </authentication>
      </security-domain>
    
  • Add spnego-auth as a dependency to the webapp

      <dependency>
         <groupId>de.ctrlaltdel</groupId>
         <artifactId>spnego-auth</artifactId>
         <version>1.0</version>
      </dependency>
    
  • And now - Rock'n'Roll !
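
An added example, not part of the spnego-wildfly project: a Python audit of the two files configured in the steps above. It flags the DES, 3DES and RC4 entries in the krb5.conf enctype lists and any password system property stored as a literal value, such as spnego.preauth.password. The function names and the rule that a `${...}` expression counts as externalized are assumptions of this example.

```python
import re
import xml.etree.ElementTree as ET

# Deprecated Kerberos enctype families: single DES (RFC 6649), 3DES and RC4 (RFC 8429).
WEAK_PREFIXES = ("des-", "des3-", "rc4-", "arcfour-")
ENCTYPE_KEYS = ("default_tkt_enctypes", "default_tgs_enctypes", "permitted_enctypes")

def weak_enctypes(krb5_conf):
    """Return {setting: [weak enctypes]} found in the [libdefaults] section."""
    findings, section = {}, None
    for raw in krb5_conf.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":          # blank line or comment
            continue
        header = re.fullmatch(r"\[(\w+)\]", line)
        if header:
            section = header.group(1)
            continue
        if section == "libdefaults" and "=" in line:
            key, value = (part.strip() for part in line.split("=", 1))
            weak = [e for e in re.split(r"[\s,]+", value)
                    if e.lower().startswith(WEAK_PREFIXES)]
            if key in ENCTYPE_KEYS and weak:
                findings[key] = weak
    return findings

def literal_passwords(system_properties_xml):
    """Return names of password properties whose value is a literal, not a ${...} expression."""
    root = ET.fromstring(system_properties_xml)
    return [el.get("name") for el in root.iter()
            if el.tag.rsplit("}", 1)[-1] == "property"   # tolerate XML namespaces
            and "password" in el.get("name", "").lower()
            and not el.get("value", "").startswith("${")]

# Sample input: an enctype line and two properties taken from the installation steps above.
SAMPLE_KRB5 = """
[libdefaults]
  permitted_enctypes = aes128-cts rc4-hmac des3-cbc-sha1 des-cbc-md5 des-cbc-crc
  dns_lookup_realm = false
"""
SAMPLE_PROPS = """<system-properties>
  <property name="sun.security.krb5.debug" value="false"/>
  <property name="spnego.preauth.password" value="secret"/>
</system-properties>"""

if __name__ == "__main__":
    print(weak_enctypes(SAMPLE_KRB5))
    print(literal_passwords(SAMPLE_PROPS))
```

Any finding from `weak_enctypes` points at an entry to drop from the enctype lists; a finding from `literal_passwords` points at the keytab options commented out in the Krb5LoginModule block as the alternative to a password in standalone.xml.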

Published without warranty under Free-For-Beer license

Contributors

dstraub
