Search Mastertheboss

Our eBooks

Configuring HTTP Basic Authentication with WildFly

In this tutorial we will learn how to configure HTTP basic authentication with WildFly.

Basic authentication is a simple authentication policy built into the HTTP protocol. The client sends an HTTP request with the Authorization header that contains the word Basic word followed by a space and a base64-encoded string username:password.

wildfly basic authentication wildfly basic authentication

As an example, in order to authorize as demo / p@55w0rd the client would send

    Authorization: Basic ZGVtbzpwQDU1dzByZA==

Note: Because base64 is easily decoded, Basic authentication should only be used together with other security mechanisms such as HTTPS/SSL.

Example: enabling HTTP Basic Authentication in WildFly

First, add a user as follows:

$ ./ -a testuser testuser@123  
Added user 'testuser' to file '/PATH/TO/wildfly-14.0.1.Final/standalone/configuration/'  
Added user 'testuser' to file '/PATH/TO/wildfly-14.0.1.Final/domain/configuration/'  

Then set the security domain in "jboss-web.xml":


And configure in your web.xml:

<!DOCTYPE web-app PUBLIC  
"-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"  
 "" >  
  <display-name>Demo Authenticated Web Application</display-name>  

Setting HTTP Basic authentication for Web Services

In case you are using EJB-based Web Services the configuration is slightly different; because the security domain is not specified into the web descriptors, we have to provide it by means of annotations:

@WebService(targetNamespace = "",
serviceName = "SecureService")
@WebContext(authMethod = "BASIC",
secureWSDLAccess = false)
@SecurityDomain(value = "other")
public class SecureEJB { }

As you can see, the @WebContext annotation basically reflects the same configuration options of POJO-based Web Services, with BASIC authentication and unrestricted WSDL access.

Basic authentication using Database

If you want to learn how to configure authentication using a Database instead of a property file, check this tutorial: Configure an Elytron JDBC Realm on WildFly

Related articles available on

JBoss security framework

Security is a fundamental part of any enterprise application .The

Configure JBoss with LDAP

In this tutorial we will show how to connect JBoss AS 7 (and earl

Configuring Single Signon on JBoss AS 7

This tutorial describes how to configure Single Signon for a JBos

Securing AS 7 applications using the ApplicationRealm

JBoss AS 7 and the EAP 6 provide out of the box a Security Domain

Securing access to JBoss-WildFly Management console

This tutorial shows how to secure WildFly Management interfaces u

Configuring a MongoDB Login Module

Creating a Login Module with JBoss AS 7 or WildFly can be done by

© 2020 All Rights Reserved.

Please publish modules in offcanvas position.