Using the steps from https://docs.wildfly.org/23/WildFly_Elytron_Security.html#Custom_CredentialStore, I created an SPI and Provider implementation. For now, just a simple implementation with logs to see if it works.
Now I don't know how to add this to WildFly.
I packaged it into a module and tried:
<extension module=...> ref in standalone.xml, but then it complains that it is not an extension;
subsystem=domain:ee/global-modules/module, there is no error, but neither the SPI nor the Provider gets a hit;
subsystem=elytron/provider-loader, then the Provider is called (twice ??), but the SPI is not.
So, using provider-loader, how do I use my custom provider?
Here is a snippet of the Provider impl:
import org.wildfly.security.WildFlyElytronBaseProvider;

// used WildFlyElytronCredentialStoreProvider as reference
public class TestCredentialStoreProvider extends WildFlyElytronBaseProvider {
    private static final TestCredentialStoreProvider INSTANCE = new TestCredentialStoreProvider();

    public TestCredentialStoreProvider() {
        super("TestCredentialStoreProvider ", "1.0", "Test CredentialStore Provider");
        // service type "CredentialStore", algorithm "TestCredentialStore", implementing class name
        putService(new Service(this, "CredentialStore", "TestCredentialStore", "package.TestCredentialStore", emptyList, emptyMap));
    }

    public static TestCredentialStoreProvider getInstance() {
        return INSTANCE;
    }
}
Note: Why is the provider loaded twice?
Create a jar containing your credential store and provider classes, and add it as a WildFly module with a dependency on org.wildfly.security.elytron. For example:
module add --name=org.wildfly.customcredstore --resources=/path/to/customcredstoreprovider.jar --dependencies=org.wildfly.security.elytron
Create a provider loader for your provider. For example:
/subsystem=elytron/provider-loader=myProviderLoader:add(class-names=[org.wildfly.security.mycustomcredstore.CustomProvider],module=org.wildfly.customcredstore)
You can add it to the list of initial providers and reload the server:
/subsystem=elytron:write-attribute(name=initial-providers,value=myProviderLoader)
reload
You can check loaded providers:
/subsystem=elytron/provider-loader=myProviderLoader:read-attribute(name=loaded-providers)
Then to add a custom credential store with the provider you can use:
/subsystem=elytron/credential-store=mystore:add(providers=myProviderLoader,type=TestCredentialStore,credential-reference={clear-text='pass'})
There are also some docs on how to add a custom Elytron component here: https://docs.wildfly.org/26/WildFly_Elytron_Security.html#Custom_Components
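
An added example, not part of the original answer or of the Elytron code base: the type= value in the credential-store add command is matched against the algorithm name the provider registered with putService, and the SPI class is only constructed when that lookup happens. It uses only the JDK's java.security API (Java 9+); ProviderLookupDemo, the stand-in TestCredentialStore class and the lookup helper are hypothetical, and the stand-in does not extend Elytron's CredentialStoreSpi.

```java
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
import java.util.Collections;

public class ProviderLookupDemo {
    // Stand-in for the custom SPI class (hypothetical; a real one extends CredentialStoreSpi).
    public static class TestCredentialStore {
        public TestCredentialStore() { System.out.println("SPI constructor called"); }
    }

    // Same registration shape as the provider snippet in the question.
    static class TestProvider extends Provider {
        TestProvider() {
            super("TestCredentialStoreProvider", "1.0", "Test CredentialStore Provider"); // String version: Java 9+
            System.out.println("Provider constructor called");
            putService(new Service(this, "CredentialStore", "TestCredentialStore",
                    TestCredentialStore.class.getName(),
                    Collections.emptyList(), Collections.emptyMap()));
        }
    }

    // Resolve a store type against a provider the way a JCA consumer does:
    // look up (service type, algorithm), then instantiate the registered class.
    static Object lookup(Provider p, String type) throws NoSuchAlgorithmException {
        Provider.Service s = p.getService("CredentialStore", type);
        if (s == null) {
            throw new NoSuchAlgorithmException("no CredentialStore of type " + type + " in " + p.getName());
        }
        return s.newInstance(null); // calls the public no-arg constructor of the registered class
    }

    public static void main(String[] args) throws Exception {
        Provider p = new TestProvider();               // registration only: the SPI is not constructed yet
        Object spi = lookup(p, "TestCredentialStore"); // the SPI is constructed here
        System.out.println("resolved " + spi.getClass().getName());
        try {
            lookup(p, "OtherStore");                   // a type this provider never registered
        } catch (NoSuchAlgorithmException e) {
            System.out.println("lookup failed: " + e.getMessage());
        }
    }
}
```

Run it with `java ProviderLookupDemo.java`; the order of the printed lines shows that loading the provider alone never touches the SPI class.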