You can integrate JBoss Enterprise Application Platform (EAP) 6.x Application Server with Oracle Access Manager.
It includes information regarding the Access Manager Access SDK and JBoss Agent.
Check the latest support information on:
http://www.oracle.com/technetwork/middleware/ias/downloads/fusion-certification-100350.html
Host 1: Install Access Manager as described in .
Host 2:
Install JBoss EAP 6.x Application Server, as described in your JBoss installation guide.
Set JAVA_HOME environment variable.
Edit JBoss standalone.xml/domain.xml to change host from 127.0.0.1 to 0.0.0.0. For example:
JBoss_install_directory\standalone\configuration\standalone.xml
From
<wsdl-host>${jboss.bind.address:127.0.0.1}</wsdl-host>
To
<wsdl-host>${jboss.bind.address:127.0.0.1}</wsdl-host>
Host 2: install the Access Manager Access SDK, as described in the Oracle Fusion Middleware Installation Guide for Oracle Identity and Access Management.
Host 2: create a Global module. For example:
Create a directory at JBoss_install_directory\modules\system\layers\base\mymodule\main
Create module.xml:
<?xml version="1.0" encoding="UTF-8"?><module xmlns="urn:jboss:module:1.1" name="mymodule"> <resources> <resource-root path="j2eeagent.jar"/> <resource-root path="oamasdk-api.jar"/> <resource-root path="jbossweb-service.jar"/> <resource-root path="jps-api.jar"/> </resources> <dependencies> <module name="javax.servlet.api"/> <module name ="javax.xml.bind.api"/> <module name="org.jboss.logging"/><module name="javax.api"/><module name="org.jboss.as.web"/> </dependencies></module>
Host 2: install the OAM JBoss Agent.
Download the JBoss Agent ZIP file and extract the files.
For supported JBoss EAP 6.x versions, the JBoss agent is supplied as JAR files in patch 19440119. Download the referenced patch from My Oracle Support at http://support.oracle.com/.
From the /agentconfig/oam_config.properties file, copy oam-authenticatorvalve.jar and j2eeagent.jar to JBoss_install_directory\modules\system\layers\base\mymodule\mainDownload the JBossWeb jar from http://www.java2s.com/Code/JarDownload/jbossweb/jbossweb-service.jar.zip and copy it's jbossweb-service.jar to JBoss_install_directory\modules\system\layers\base\mymodule\main
Host 2: configure the Global module
Open jboss_install_directory/standalone/configuration/standalone.xml(for standalone) or domain.xml (for multi structure)
Under “jboss:domain:ee" subsystem, add below line:
<global-modules>
<module name="mymodule" slot="main"/>
</global-modules>
Proceed to "Protecting JBoss-Specific Resources" and do the following procedures.
Proceed to "Protecting Web Applications with the JBoss Agent" and do the following procedures.
Configure the JBoss Login Module to use Access Manager policies.
Open jboss_install_directory/standalone/configuration/standalone.xml(for standalone) or domain.xml (for multi structure)
Under the “jboss:domain:security" subsystem, add a new security-domain as follows:
<security-domain name="oamrealm" cache-type="default">
<authentication>
<login-module code="oracle.security.am.agent.common.
jaas.login.OAMLoginModule" flag="required">
<module-option name="loginType" value="tokenBased"/>
<module-option name="configPath"
value="/scratch/lovagarw/jboss/config/"/>
<module-option name="publicAuthnResourceName" value="/Authen/Basic"/>
<module-option name="rolesParam" value="OAM_GROUPS"/>
<module-option name="publicAuthzResourceName"
value="/Authen/SSOToken"/>
</login-module>
</authentication>
</security-domain>
Deploy the application.
Start JBoss using the following command:
JBoss_install_dir\bin\standalone.bat
Note:
Valve is not currently supported at the Global level.
The JBoss agent codebase libraries are not updated during this procedure.
Role based authorization in EJB is not working in EAP when trying to create the authentication token on the client side via OAMLoginModule and trying to propagate the authentication token to the JBoss server via the ClientLoginModule class.