From Glassfish to Wildfly - Mail & Realms - part 4

Mail Resource



Configuring WildFly to send emails with JavaMail is also slightly different from GlassFish. Every inbound and outbound communication through TCP/IP should be declared in the socket binding group. Since SMTP uses TCP/IP to communicate, then we have to create an Outbound Socket Binding for that. To proceed:
  1. In the admin console, go to Profile > General Configuration > Socket Binding.
  2. In standard-sockets, click on View >, select the tab Outbound Remote, and click on Add.
  3. Fill the form with the data to connect to your SMTP server. For instance:
    1. name: mail-smtp-gmail
    2. host: smtp.gmail.com
    3. port: 465
The second step is to create the JavaMail session that uses the socket binding. To proceed:
  1. Go to Profile > Subsytems > Connector > Mail and click on Add.
  2. Define a JNDI name like java:/mail/app and save.
  3. Click on View > in the session you just created and click on Add.
  4. Fill the form with the data to connect to the SMTP server. For instance:
    1. Socket Binding: mail-smtp-gmail
    2. Type: smtp
    3. Use SSL?: true
    4. Username: johnsmith@gmail.com
    5. Password: supersecret


Pay attention to jndi name inside source code update @resource by using java:/resourcename if java:/ is left.


Realms


When using glassfish, for working fast with realm I was using file realms.
In Wildfly I find more easy to work directly with jdbc realm.

create db realms
create in db a users table
create user_roles table
Insert user and roles in the table
Make by using web admin console or editing standalon.xml a datasource for realms db
Edit standalone.xml in order to make a security domain inside security-domains



<!--add by peppe per realm-->                
<security-domain name="jdbc-security-domain" cache-type="default">
   <authentication>
       <login-module code="Database" flag="required">
           <module-option name="dsJndiName" value="java:/realms"/>
           <module-option name="principalsQuery" value="SELECT password FROM users WHERE username=?"/>
           <module-option name="rolesQuery" value="SELECT role, 'Roles' FROM user_roles WHERE username=?"/>
<!--            <module-option name="hashAlgorithm" value="SHA-512"/>
           <module-option name="hashEncoding" value="hex"/>-->
           <module-option name="unauthenticatedIdentity" value="guest"/>
       </login-module>
       
       <login-module code="RoleMapping" flag="required">
         <module-option name="rolesProperties" value="file:${jboss.server.config.dir}/app.properties"/>
         <module-option name="replaceRole" value="false"/>
       </login-module>
       
   </authentication>
</security-domain>
Finally inside web-inf put file jboss-web.xml containing


<jboss-web>
 <security-domain>jdbc-security-domain</security-domain>
</jboss-web>


edit web.xml roles, login, rules etc.

Notice: If you remove comment from hashalgorithm and choose one algorithm type pay attetion in storing in users table the password hashed version.

If you want to see realms working log you can increase the verbosity log level


   <console-handler name="CONSOLE">
    <level name="TRACE"/>
               <formatter> ……

Add the following logger..
<!--PEPPE ADD-->


      <logger category="org.jboss.security">  
        <level name="TRACE" />  
      </logger>  
      <logger category="org.jboss.web.tomcat.security">  
        <level name="TRACE" />  
      </logger>  
      <logger category="org.apache.catalina">  
        <level name="TRACE" />  
      </logger>  

<!--END-->    

No comments: