The Security Subsystem

4.1. About the Security Subsystem

The security subsystem provides the infrastructure for all security functionality in JBoss EAP 6. Most configuration elements rarely need to be changed. The only configuration element which may need to be changed is whether to use deep-copy-subject-mode. In addition, you can configure system-wide security properties. Most of the configuration relates to security domains.

Deep Copy Mode

If deep copy subject mode is disabled (the default), copying a security data structure makes a reference to the original, rather than copying the entire data structure. This behavior is more efficient, but is prone to data corruption if multiple threads with the same identity clear the subject by means of a flush or logout operation.

Deep copy subject mode causes a complete copy of the data structure and all its associated data to be made, as long as they are marked cloneable. This is more thread-safe, but less efficient.

System-Wide Security Properties

You can set system-wide security properties, which are applied to java.security.Security class. Security Domain

A security domain is a set of Java Authentication and Authorization Service (JAAS) declarative security configurations which one or more applications use to control authentication, authorization, auditing, and mapping. Three security domains are included by default: jboss-ejb-policy, jboss-web-policy, and other. You can create as many security domains as you need to accommodate the needs of your applications.

Report a bug

4.2. About the Structure of the Security Subsystem

The security subsystem is configured in the managed domain or standalone configuration file. Most of the configuration elements can be configured using the web-based management console or the console- based management CLI. The following is the XML representing an example security subsystem.

Example 4.1. Example Security Subsystem Configuration <subsystem xmlns="urn:jboss:domain:security:1.2"> <security-management> ... </security-management> <security-domains>

<security-domain name="other" cache-type="default"> <authentication>

<login-module code="Remoting" flag="optional"> <module-option name="password-stacking"

value="useFirstPass"/>

</login-module>

<login-module code="RealmUsersRoles" flag="required"> <module-option name="usersProperties"

value="${jboss.domain.config.dir}/application-users.properties"/> <module-option name="rolesProperties"

value="${jboss.domain.config.dir}/application-roles.properties"/>

<module-option name="realm" value="ApplicationRealm"/> <module-option name="password-stacking"

value="useFirstPass"/>

</login-module> </authentication> </security-domain>

<security-domain name="jboss-web-policy" cache-type="default"> <authorization>

<policy-module code="Delegating" flag="required"/> </authorization>

</security-domain>

<security-domain name="jboss-ejb-policy" cache-type="default"> <authorization>

<policy-module code="Delegating" flag="required"/> </authorization> </security-domain> </security-domains> <vault> ... </vault> </subsystem>

The <security-m anagem ent>, <subject-factory> and <security-properties> elements are not present in the default configuration. The <subject-factory> and <security-

properties> elements have been deprecated in JBoss EAP 6.1 onwards. Report a bug

4.3. Configuring the Security Subsystem

4.3.1. Configure the Security Subsystem

You can configure the security subsystem using the Management CLI or web-based Management Console.

Each top-level element within the security subsystem contains information about a different aspect of the security configuration. Refer to Section 4.2, “About the Structure of the Security Subsystem” for an example of security subsystem configuration.

<security-management>

This section overrides high-level behaviors of the security subsystem. Each setting is optional. It is unusual to change any of these settings except for deep copy subject mode.

Option Description

deep-copy-subject-mode Specifies whether to copy or link to security tokens, for additional thread safety.

authentication-manager-class-name Specifies an alternate AuthenticationManager implementation class name to use.

authorization-manager-class-name Specifies an alternate AuthorizationManager implementation class name to use.

audit-manager-class-name Specifies an alternate AuditManager implementation class name to use.

identity-trust-manager-class-name Specifies an alternate IdentityTrustManager implementation class name to use.

mapping-manager-class-name Specifies the MappingManager implementation class name to use. <subject-factory>

The subject factory controls creation of subject instances. It may use the authentication manager to verify the caller. The main use of the subject factory is for JCA components to establish a subject.It is unusual to need to modify the subject factory.

<security-domains>

A container element which holds multiple security domains. A security domain may contain information about authentication, authorization, mapping, and auditing modules, as well as JASPI authentication and JSSE configuration. Your application would specify a security domain to manage its security information.

<security-properties>

Contains names and values of properties which are set on the java.security.Security class.

Report a bug

4.3.2. Security Management

4.3.2.1. About Deep Copy Subject Mode

If deep copy subject mode is disabled (the default), copying a security data structure makes a reference to the original, rather than copying the entire data structure. This behavior is more efficient, but is prone to data corruption if multiple threads with the same identity clear the subject by means of a flush or logout operation.

Deep copy subject mode causes a complete copy of the data structure and all its associated data to be made, as long as they are marked cloneable. This is more thread-safe, but less efficient.

Procedure 4.1. Enable Deep Copy Security Mode from the Management Console