Official documentation available
There is also official documentation available regarding the JBoss application server. Please check the pages
- https://documentation.magnolia-cms.com/display/DOCS/JBoss+AS+configuration and
- https://documentation.magnolia-cms.com/display/DOCS/Deploying+a+WAR+on+JBoss+AS
Because I had to install a newer version of JBoss / WildFly recently, I'll describe the setup process I did because it was in the end slightly easier than described in the documents mentioned above. This guide is for the JetBrains IDEA (Ultimate) IDE but you might be able to adjust it also for an Eclipse environment.
This guide was checked with JBoss WildFly version 8.2.1.Final and 10.0.10.Final on with IDEA 15 Utilmate on Mac OS X Yosemite.
Configure JAAS
Magnolia integrates the Java Authentication and Authorization service. To make this work with JBoss, adjust the configuration as described in the official documentation (JBoss AS 7). For your convenience, below is the final configuration for the Magnolia JAAS part. I have added to urn:jboss:domain:security:1.2
...
<login-module code="org.apache.jackrabbit.core.security.SimpleLoginModule" flag="required"/>
...
<security-domain name="magnolia" cache-type="default">
<authentication>
<login-module code="info.magnolia.jaas.sp.jcr.JCRAuthenticationModule" flag="requisite"/>
<login-module code="info.magnolia.jaas.sp.jcr.JCRAuthorizationModule" flag="required"/>
</authentication>
</security-domain>
<security-domain name="Jackrabbit" cache-type="default">
<authentication>
<login-module code="org.apache.jackrabbit.core.security.SimpleLoginModule" flag="required"/>
</authentication>
</security-domain>
This is the whole configuration block:
<subsystem xmlns="urn:jboss:domain:security:1.2">
<security-domains>
<security-domain name="other" cache-type="default">
<authentication>
<login-module code="org.apache.jackrabbit.core.security.SimpleLoginModule" flag="required"/>
<login-module code="Remoting" flag="optional">
<module-option name="password-stacking" value="useFirstPass"/>
</login-module>
<login-module code="RealmDirect" flag="required">
<module-option name="password-stacking" value="useFirstPass"/>
</login-module>
</authentication>
</security-domain>
<security-domain name="magnolia" cache-type="default">
<authentication>
<login-module code="info.magnolia.jaas.sp.jcr.JCRAuthenticationModule" flag="requisite"/>
<login-module code="info.magnolia.jaas.sp.jcr.JCRAuthorizationModule" flag="required"/>
</authentication>
</security-domain>
<security-domain name="Jackrabbit" cache-type="default">
<authentication>
<login-module code="org.apache.jackrabbit.core.security.SimpleLoginModule" flag="required"/>
</authentication>
</security-domain>
<security-domain name="jboss-web-policy" cache-type="default">
<authorization>
<policy-module code="Delegating" flag="required"/>
</authorization>
</security-domain>
<security-domain name="jboss-ejb-policy" cache-type="default">
<authorization>
<policy-module code="Delegating" flag="required"/>
</authorization>
</security-domain>
<security-domain name="jaspitest" cache-type="default">
<authentication-jaspi>
<login-module-stack name="dummy">
<login-module code="Dummy" flag="optional"/>
</login-module-stack>
<auth-module code="Dummy"/>
</authentication-jaspi>
</security-domain>
</security-domains>
</subsystem>