Skip to main content
31 questions
Newest Active Bountied Unanswered
Filter by
Sorted by
Tagged with
0 votes
1 answer
774 views

I need to upgrade OPENSAML to 5.1.2 from 2.5.3 to support Java 17 as our project has been upgraded to Java 17. While I try to upgrade OPENSAML I am facing issues which are listed below OPENSAML-5.1.2 ...
Usha's user avatar
  • 196
0 votes
1 answer
155 views

I'm playing with OpenID Connect (using Keycloak 22.0.1) and Jakarta Faces (wildfly 29.0.1.Final with integrated JASPI at false). Here is my definition : @OpenIdAuthenticationMechanismDefinition( ...
grigouille's user avatar
  • 753
2 votes
1 answer
196 views

I'm trying to use the java-ee-kickoff-app (https://github.com/javaeekickoff/java-ee-kickoff-app) with openid. I'm using keycloak 26.0.5 and wildfly 29.0.1.Final (integrated-jaspi is false). I created ...
grigouille's user avatar
  • 753
1 vote
1 answer
59 views

I'm trying to migrate a JAX-RS application from Jersey to Apache CXF. I'm not using Spring, so I'm trying to configure it by extending javax.ws.rs.core.Application. I also implemented public class ...
Adrian Ber's user avatar
  • 21.5k
1 vote
0 answers
91 views

I'm trying to implement authentication on a Jakarta RESTful (Edit: Jakarta EE 9.1 running in a TomEE WebProfile 9.1.x) application using Jakarta Security specification. I first tried using the @...
Calcimicium's user avatar
  • 159
2 votes
1 answer
103 views

I have a Jakarta-based web app deployed in Glassfish 7.0.16. Currently, I'm implementing Jakarta Security with user-role from DB. That works fine until the client-side execute multiple ajax requests ...
Isaac Rodriguez's user avatar
  • 23
0 votes
1 answer
131 views

I'm attempting to implement a simple form based authentication based with Jakarta Security 3.0. A (very) minimal (but working) code shows the process: loginout.xhtml login calls LoginOutBean login() ...
Chris Powell's user avatar
  • 1
3 votes
1 answer
152 views

I am having a challenging time achieving a security common pattern of loading secrets from an environment variable or a properties file. I am tring to load the password of an openLDAP admin user in ...
Andre Leon Rangel's user avatar
  • 1,879
0 votes
2 answers
191 views

I created a web application with Wildfly 30 (Jakarta EE10). Authentication works with Keycloak. I use the annotation: @OpenIdAuthenticationMechanismDefinition( providerURI = "${...
Jaap D's user avatar
  • 499
0 votes
0 answers
118 views

I have Jakarta EE 10 web application with CustomFormAuthenticationMechanismDefinition. My web.xml setting: <welcome-file-list> <welcome-file>app/index.xhtml</welcome-file> </...
Tadas B.'s user avatar
  • 191
1 vote
0 answers
157 views

This is my JWTAuthenticationMechanism : package xxx; import io.jsonwebtoken.ExpiredJwtException; import jakarta.enterprise.context.ApplicationScoped; import jakarta.security.enterprise....
DanialAbdi's user avatar
  • 359
0 votes
1 answer
98 views

This is my Jersey Application Config: @ApplicationPath("/ui/v1.0") @RolesAllowed("admin") public class AppConfig extends ResourceConfig { public AppConfig() { System....
khateeb's user avatar
  • 5,519
0 votes
0 answers
76 views

My Jakarta Application class is: @ApplicationPath("/app") @RolesAllowed("admin") public class Application extends ResourceConfig { public Application() { System.out....
khateeb's user avatar
  • 5,519
1 vote
1 answer
286 views

I have a problem with defining parameters for an @OpenIdAuthenticationMechanismDefinition annotation introduced in the jakarta-ee-security-api of Jakarta EE 10. My goal is to understand the correct ...
Ralph's user avatar
  • 4,966
2 votes
0 answers
477 views

Since Jakarta EE 10 it is easily possible to protect your web application with OpenID Connect, using the new @OpenIdAuthenticationMechanismDefinition annotation. This works perfect and is quite easy ...
Ralph's user avatar
  • 4,966
3 votes
2 answers
819 views

I have the requirement to protect my existing Jakarta EE application with an OpenID provider in one of many different environments. When searching about this topic you will find the @...
Ralph's user avatar
  • 4,966
1 vote
0 answers
603 views

With the WildFly server and the integrated OIDC auth-method it is possible to secure a jakarta ee 10 rest api just sending a Bearer token in the Authentication Header. I have just to config it like ...
matthiaspi's user avatar
  • 11
0 votes
2 answers
946 views

I am replacing j_security_check with my own custom login method and the user is logged in successfully, however when it is time to redirect to home page, I keep getting this error: Unable to ...
Aria's user avatar
  • 419
1 vote
1 answer
574 views

I am trying to build web application with latest possible technologies Jakarta Faces 4.0, OIDC Jakarta security, Elytron Oidc Client, Wildfly 27.0.1, Keycloak 21.0.2 (without adapter on wildfly). Page ...
Janez Puntar's user avatar
  • 31
1 vote
0 answers
203 views

I have the same issue as in this other ticket, but I have identified that I receive SEND_CONTINUE when a redirect or forward to the login form occurs. Also, I'm using Wildfly 27.0.1, with Jakarta ...
Dominic Hilsbos's user avatar
  • 11
1 vote
1 answer
236 views

We have moved some processing logic to CDI Async Observers however some of the business methods in the observers have some security checks that use securityContext.isCallerInRole(...) to check for ...
DaveB's user avatar
  • 3,133
1 vote
1 answer
716 views

I am trying to implement role based security to a web app using Jakarta EE 10 and JSF 4.0. I currently have some resources secured with the following url pattern: /myApp/*. (details in web.xml below) ...
alpinemint's user avatar
  • 35
1 vote
0 answers
246 views

We have a JSF App that uses a custom HttpAuthenticationMechanism for authentication, it forwards users to a login page if they do not have the role required and uses @AutoApplySession for ...
DaveB's user avatar
  • 3,133
0 votes
2 answers
1k views

Got help from the Redhat guy, finally my example works with Local KeyCloak(in Docker) as well as Okta. My example is here: https://github.com/hantsy/jakartaee10-sandbox/tree/master/security-oidc And I ...
Hantsy's user avatar
  • 9,611
2 votes
1 answer
816 views

I am creating an simple Jakarta EE 9 app. Because of my own reason, I have to implement my own HttpAuthenticationMechanism (I am not using built-in HttpAuthenticationMechanism CDI beans). I am having ...
LHA's user avatar
  • 9,715
0 votes
1 answer
293 views

I have an app with multiple user types (roles), each stored in different tables in the same SQL DB and each has its own login page. To implement this using Jakarta EE 8 security API I see I have two ...
DaveB's user avatar
  • 3,133
0 votes
2 answers
2k views

I am trying to setup a simple JSF login using Jakarta EE 8 Security, I have implemented the login page as a custom form as follows: @ApplicationScoped @CustomFormAuthenticationMechanismDefinition( ...
DaveB's user avatar
  • 3,133
1 vote
1 answer
2k views

A current application running in Wildfly (Jboss) uses its own Authentication system that internally verifies passwords and credentials on its Database. This system is no longer viable for the future ...
tomaytotomato's user avatar
  • 4,088
4 votes
1 answer
3k views

I'm used to using WildFly for Java/Jakarta EE development and lately I wanted to update a project that is using JAAS for authentication/authorization to the new Jakarta Security API from Jakarta EE 9....
Vítor E. Silva Souza's user avatar
  • 1,625
1 vote
0 answers
608 views

I can't make the quickstart ee-security work with Wildfly 25.0.1. After sending the request : curl -v http://localhost:8080/ee-security/secured -H 'X-Username:quickstartUser' -H 'X-Password:...
grigouille's user avatar
  • 753
2 votes
1 answer
2k views

I'm fully aware that wildfly 25 has dropped legacy security realms. So I tried to move from wildfly 20.0.1 to wildfly 25.0.1. According to the quickstart ee-security, I did /subsystem=elytron/policy=...
grigouille's user avatar
  • 753