2

I have two apps, server side is based on java with rest easy and client where I'm using angular js.

I used basic authentication where I generated token in first request and all requests used this token, but since I moved project to Wildfly, and there is no Tomcat this way doesn't work.

My class TokenAuthenticator extends BasicAuthenticator from Catalina;

web.xml has:

<login-config>
    <realm-name>App</realm-name>
</login-config>

<security-role>
    <role-name>user</role-name>
</security-role>

and jboss-web.xml:

<jboss-web>
    <security-domain>App</security-domain>
    <valve>
        <class-name>package.TokenAuthenticator</class-name>
    </valve>
    <context-root>/app-server</context-root>
</jboss-web>

In my EJB beans I'm using @RolesAllowed annotation to restrict access to resources.

I read that for now, Wildfly doesn't support valves.

What is my the best alternative?

4

1 回答 1

1

我改变了主意并实现了基于表单的身份验证,但是在回答我之前的问题时,我应该写一个ServletExtension添加AuthenticationMechanismDeploymentInfo. 在AuthenticationMechanism中,有一个 authenticate() 方法,用于对用户进行身份验证。您可以在 Undertow文档中找到一些信息。

可能(在最终版本之前)他们将允许通过 XML 进行配置。

于 2013-10-07T08:58:18.907 回答