The WildFly security subsystem
WildFly security qualifies as an extension to the application server and is included, by de-
fault, both in standalone and domain servers using the following code:
WildFly defines security policies using two terms: security realms and security domains.
Security realms are configuration sets mapped to external connectors (for example, EJB re-
moting and management interface). They allow every connection type to have its own ap-
propriate authentication and authorization properties defined. For instance, both manage-
ment and application realms define two separate files, which store the allowed usernames.
Additionally, the application realm contains a reference to a file that defines user role.
The configuration defined in the security realm is then passed to a security domain reques-
ted by the deployed application. The security domain defines a set of login modules that are
responsible for checking the user's credentials and creating a security principal representing
the client (along with a set of roles for the requester).
The following is an extract from the default security subsystem contained in the server con-
figuration file, which contains the RealmDirect login that will be used in the next sec-
tion to secure the Ticket example application:
<security-domain name="other" cache-type="default">
Search WWH ::