Running Wildfly 16, I specify a security domain in my application's WEB-INF/jboss-web.xml as follows:
<?xml version="1.0" encoding="UTF-8"?>
<jboss-web>
<security-domain>MyDomain</security-domain>
</jboss-web>
In Wildfly's standalone.xml in the undertow section I specify that security domain as application security domain as follows:
<subsystem xmlns="urn:jboss:domain:undertow:8.0" default-server="default-server" default-virtual-host="default-host" default-servlet-container="default" default-security-domain="other" statistics-enabled="${wildfly.undertow.statistics-enabled:${wildfly.statistics-enabled:false}}">
<buffer-cache name="default"/>
<server name="default-server">
<http-listener name="default" socket-binding="http" redirect-socket="https" enable-http2="true"/>
<https-listener name="https" socket-binding="https" security-realm="ApplicationRealm" enable-http2="true"/>
<host name="default-host" alias="localhost">
<location name="/" handler="welcome-content"/>
<http-invoker security-realm="ApplicationRealm"/>
</host>
</server>
...
<application-security-domains>
<application-security-domain name="MyDomain" security-domain="OAuth2Domain"/>
</application-security-domains>
Next, in the elytron section I specify the security domain as follows:
<subsystem xmlns="urn:wildfly:elytron:6.0" final-providers="combined-providers" disallowed-providers="OracleUcrypto">
...
<security-domain name="OAuth2Domain" default-realm="OAuth2Realm" permission-mapper="default-permission-mapper">
<realm name="OAuth2Realm"/>
</security-domain>
Of course, also OAuth2Realm is subsequently defined and Wildfly starts without complaint. However, when accessing the application through http, Wildfly always uses the security domain "other" in the legacy security section, rather than my security domain in the elytron section. How can I force Wildfly to use my Elytron security domain?
question from:
https://stackoverflow.com/questions/66048454/wildfly-16-security-domain-specified-in-jboss-web-xml-is-ignored 与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
