JAAS is not the best security framework that exists, but it is often enough for simple needs. Once you are past the setup (I’ll not detail it here), it is generally nice to use. However, when writing a CDI app you need to build the bridge yourself.
You can hook it up with DeltaSpike BeanProvider, but it is not that obvious/fluent.
That’s why TomEE and OpenEJB now support a bridge.
First, create your JAAS config file:
CDI {
    org.apache.openejb.core.security.jaas.CDILoginModule required
        delegate="org.superbiz.MyLoginModule"
        loginModuleAsCdiBean=false;
};
Note: if you want to use a CDI name, you can set the cdiName property; otherwise, by default, it uses delegate as the type. loginModuleAsCdiBean is optional; if set to true, the bridge uses a login module CDI bean instead of a login module with CDI injections (so it can have a scope). Note that this last ability can be dangerous and is only recommended if you really know what you are doing.
Then simply implement LoginModule and inject all you need inside :).
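A minimal delegate matching the delegate="org.superbiz.MyLoginModule" entry above, added here as an illustration and not code from the original post or from TomEE. UserService is a hypothetical CDI bean, and the javax.inject namespace is an assumption.

```java
package org.superbiz;

import java.io.IOException;
import java.security.Principal;
import java.util.Map;
import javax.inject.Inject;
import javax.security.auth.Subject;
import javax.security.auth.callback.*;
import javax.security.auth.login.FailedLoginException;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;

// Hypothetical CDI bean, an assumption for this example (not from the post).
interface UserService { boolean authenticate(String user, char[] password); }

public class MyLoginModule implements LoginModule {
    @Inject private UserService users; // injected through the CDILoginModule bridge
    private Subject subject;
    private CallbackHandler handler;
    private Principal principal; // set only after a successful login()

    @Override
    public void initialize(Subject subject, CallbackHandler handler,
                           Map<String, ?> sharedState, Map<String, ?> options) {
        this.subject = subject;
        this.handler = handler;
    }

    @Override
    public boolean login() throws LoginException {
        NameCallback name = new NameCallback("user");
        PasswordCallback pwd = new PasswordCallback("password", false);
        try {
            handler.handle(new Callback[] { name, pwd });
            String user = name.getName();
            if (user == null || pwd.getPassword() == null || !users.authenticate(user, pwd.getPassword())) {
                throw new FailedLoginException("authentication failed"); // same message for every failure
            }
            principal = () -> user; // implements Principal.getName()
            return true;
        } catch (IOException | UnsupportedCallbackException e) {
            throw new LoginException("cannot read credentials");
        } finally {
            pwd.clearPassword(); // wipe the password held by the callback
        }
    }
    // Principals reach the Subject only in commit(), after the overall login succeeded.
    @Override public boolean commit() { return principal != null && subject.getPrincipals().add(principal); }
    @Override public boolean abort() { principal = null; return true; }
    @Override public boolean logout() { if (principal != null) subject.getPrincipals().remove(principal); principal = null; return true; }
}
```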
Very cool!
Excellent. I’ve been using LazyRealm which also works a treat. But this looks pretty cool too.