The 'Noddy' login module is a no deps JAAS compliant LoginModule mainly focused for tests, load tests or integration scenarios.
The LoginModule has been created to:
- authenticate any incoming call that has at least a name (password is not mandatory)
- fill standard tryFirstPass shared state entries:
javax.security.auth.login.name
&javax.security.auth.login.password
, so that it can integrates smoothly on top of standard JAAS security domain definition - support basic role assignment
The LoginModule has very few available options (is one very few ? ;-) )
roles
: a comma separated list of role names that will be assigned to the authenticated principal during authorization phase
- user is not that important: if your application does not store/use data from the user but relies on their login/role only then ouioui-loginmodule is a perfect tool to load test it.
- users are meaningful but you don't know their login: in such cases you can benefit from the ouioui-loginmodule ability to authenticate automatically your calls and then delegate to the rest of the JAAS stack (using tryFirstPass) to fill-in expected roles & principals.
The project produce a ready to use wildfly module.
- Unzip
ouioui-loginmodule-XXX-wildfly-module.zip
intoWILDFLY_HOME\modules
- Update the wildfly configuration
<security-domain name="????" cache-type="default">
...
<authentication>
<login-module code="fr.brouillard.oss.security.jaas.OuiOuiLoginModule" flag="required" module="fr.brouillard.oss.security.jaas">
<module-option name="roles" value="USER,ADMIN"/>
</login-module>
</authentication>
...
</security-domain>
et voilà !