2.5.4. Security Configuration
The following configuration steps must be performed to ensure security compliance with Common Criteria requirements.
2.5.4.1. JBoss SX
Custom Login Modules are not permitted; the only login modules allowed are the following:
org.jboss.security.auth.spi.UsersRolesLoginModule
org.jboss.security.auth.spi.LdapLoginModule
org.jboss.security.auth.spi.DatabaseServerLoginModule
org.jboss.security.auth.spi.BaseCertLoginModule
This restriction on login modules is also applicable to the DynamicLoginConfig service.
Only the following security managers are allowed to be configured and used for authentication purposes:
org.jboss.security.plugins.JaasSecurityManager
org.jboss.security.plugins.JaasSecurityDomain
Additional security-related modules that are permitted are the following:
org.jboss.security.authorization.modules.DelegatingAuthorizationModule
org.jboss.security.integration.JNDIBasedSecurityRegistration
org.jboss.security.auth.certs.SubjectDNMapping
Other modules, such as SRP module are not allowed.