2

I'm fully aware that wildfly 25 has dropped legacy security realms. So I tried to move from wildfly 20.0.1 to wildfly 25.0.1.

According to the quickstart ee-security, I did

/subsystem=elytron/policy=jacc:add(jacc-policy={})

I also I had to remove in my jboss-web.xml the value :

<security-domain>jaspitest</security-domain>

Otherwise I do get :

{
    "WFLYCTL0412: Required services that are not installed:" => ["jboss.security.security-domain.jaspitest"],
    "WFLYCTL0180: Services with missing/unavailable dependencies" => [
        "jboss.deployment.unit.\"unite_compte.war\".component.SocieteGestionSIXDAOImpl.CREATE is missing [jboss.security.security-domain.jaspitest]",

I also have my own IdentityStore.

When I try to access the site, the login page appears as expected. When I submit the credentials my IdentityStore is called and the validate(Credential) method returns a valid CredentialValidationResult.

Unfortunately, I do get an Exception :

17:05:14,710 WARNING [javax.enterprise.resource.webcontainer.jsf.lifecycle] (default task-3) #{loginView.submit}: java.lang.IllegalStateException: java.io.IOException: java.io.IOException: ELY01177: Authorization failed.: javax.faces.FacesException: #{loginView.submit}: java.lang.IllegalStateException: java.io.IOException: java.io.IOException: ELY01177: Authorization failed.

Caused by: java.io.IOException: ELY01177: Authorization failed.
        at org.wildfly.security.jakarta.authentication@1.17.1.Final//org.wildfly.security.auth.jaspi.impl.JaspiAuthenticationContext$1.handleOne(JaspiAuthenticationContext.java:188)
        at org.wildfly.security.jakarta.authentication@1.17.1.Final//org.wildfly.security.auth.jaspi.impl.JaspiAuthenticationContext$1.lambda$handle$0(JaspiAuthenticationContext.java:100)
        at org.wildfly.security.jakarta.authentication@1.17.1.Final//org.wildfly.security.auth.jaspi.impl.SecurityActions.doPrivileged(SecurityActions.java:39)
        at org.wildfly.security.jakarta.authentication@1.17.1.Final//org.wildfly.security.auth.jaspi.impl.JaspiAuthenticationContext$1.handle(JaspiAuthenticationContext.java:99)

What shall I do to make it work ?

grigouille
  • 511
  • 3
  • 14

1 Answers1

1

As the quickstart says, you have to update the Wildlfy configuration as well. Specifically, you have to run the configure-elytron.cli script of the quickstart

More info: https://github.com/wildfly/quickstart/tree/main/ee-security#configure-the-server

Igochan
  • 61
  • 2
  • 1
    The quickstart was broken at the time. It has been fixed now. See https://stackoverflow.com/questions/69988565/wildfly-25-quickstart-ee-security – grigouille Nov 25 '21 at 13:58