Find file
Fetching contributors…
Cannot retrieve contributors at this time
69 lines (48 sloc) 3.26 KB

Examples of custom login modules for JBoss AS

Tried with JBoss AS 7 but the code I use hasn't changed in years so it should work equally well with JBoss 5 - 7 - future.


Make sure that your <JBoss AS 7.1.0.Final>/standalone/configuration/standalone.xml contains this fragment:

            <security-domain name="form-auth" cache-type="default">
                    <login-module code="custom.MySimpleUsernamePasswordLoginModule" flag="required">
                        <!--module-option name="exampleProperty" value="exampleValue"/-->

Notice that the domain to use for this webapp is specified in its jboss-web.xml.

Login Module Deployment

At JBoss AS 7 you can deploy the login module as a part of this webapp, just by having its .class in WEB-INF/classes/ (and make sure you have it configured in standalone.xml).

For details read JBossAS7SecurityDomainModel#Using_custom_login_module (notice that "write the FQCN in the code attribute" means you should write the fully qualified name of your login module implementation into the code attribute of a login-module element in standalone.xml).

Webapp Deployment

Deploy as usual, f.ex. run package and copy target/jboss-custom-login-*.war to <JBoss AS 7.1.0.Final>/standalone/deployments/

Webapp should be at http://localhost:8080/jboss-custom-login.


This part of JBoss AS hasn't changed in years. There is no good current documentation (i.e. for v7) but the documentation for AS 5 is pretty good and is still valid. The two main articles are:

If you f.ex. can reuse JBoss' DatabaseServerLoginModule but have your passwords encrypted in a way not supported out of the box than you can subclass it and override convertRawPassword to encrypt the user-provided password accordingly, as described in CreatingACustomLoginModule.

JBoss AS 7 specific (but rather too brief):