Red Hat Summit이 콘텐츠는 선택한 언어로 제공되지 않습니다.
Chapter 5. Configuring a Security Domain to use a Filesystem
Security domains can also be configured to use a filesystem as an identity store for authentication and authorization by using a login module.
5.1. UsersRoles Login Module
UsersRoles login module is a simple login module that supports multiple users and user roles loaded from Java properties files. The primary purpose of this login module is to easily test the security settings of multiple users and roles using properties files deployed with the application. The default username-to-password mapping filename is users.properties and the default username-to-roles mapping filename is roles.properties.
This login module supports password stacking, password hashing, and unauthenticated identity.
The properties files are loaded during initialization using the initialize method thread context class loader. This means that these files can be placed on the classpath of the Java EE deployment (for example, into the WEB-INF/classes folder in the WAR archive), or into any directory on the server classpath.
For a full list of configuration options for the UsersRoles login module, please see the UsersRoles login module section Red Hat JBoss Enterprise Application Platform Login Module Reference.
5.1.1. Configuring a Security Domain to use the UsersRoles Login Module
The below example assumes the following files have been created and are available on the application’s classpath:
- sampleapp-users.properties
- sampleapp-roles.properties
CLI Commands for Adding the UserRoles Login Module
/subsystem=security/security-domain=sampleapp:add
/subsystem=security/security-domain=sampleapp/authentication=classic:add
/subsystem=security/security-domain=sampleapp/authentication=classic/login-module=UsersRoles:add(code=UsersRoles,flag=required,module-options=[("usersProperties"=>"sampleapp-users.properties"),("rolesProperties"=>"sampleapp-roles.properties")])
reload
