This tutorial guides you through configuring a caching realm in Elytron to improve authentication performance for your WildFly applications. By caching user credentials retrieved from a separate security realm (e.g., LDAP), you can significantly reduce the load on your identity store and enhance application responsiveness.
JBoss Security
WildFly relies upon Elytron as the new single unified framework that can manage and configure security for both standalone servers and managed domains.
The legacy security subsystem (which uses PicketBox framework) has been removed in WildFly 25 therefore it’s required to migrate your security infrastructure to Elytron if you want to use the latest version of the application server.
The Elytron project provides a single unified security framework across the entire application server. As a single framework it will be usable both for configuring management access to the server and for applications installed to the Application Server.
To learn more about WildFly Security, we recommend checking the following resources:
Elytron Realms
Introduction to Elytron Security Realms
How to configure an Elytron JDBC Realm on WildFly
How to configure an Elytron LDAP Realm on WildFly
How to create a custom Elytron Realm
How to use failover and distributed Realms in Elytron
How to configure an Elytron JAAS Security Realm
HTTPS / TLS
How to configure SSL/HTTPS on WildFly
Configuring TLS 1.3 on WildFly application Server
Securing Management Interfaces
How to secure WildFly Management interfaces
Securing WildFly Management interfaces with LDAP
Application Security
Configuring HTTP Basic Authentication with WildFly
Securing a Web application with LDAP and Keycloak
Secure WildFly applications with OpenID Connect
Legacy Security (PicketBox)
Securing JBoss applications with PicketBox
Securing JBoss applications using the ApplicationRealm
Configuring JBoss with PicketBox LDAP Module
How to create a Custom JBoss Login Module
Configuring a MongoDB Login Module
Various
How to debug WildFly security issues
Using Java EE Security Manager with WildFly
Secure WildFly applications with OpenID Connect
WildFly 25 enables you to secure deployments using OpenID Connect (OIDC) without installing a Keycloak client adapter. This tutorial will show a proof of concept example of it.
How to configure an Elytron LDAP Realm on WildFly
This tutorial guides you through setting up an LDAP realm using the WildFly Elytron security subsystem for user authentication. We will learn how to bootstrap a sample LDAP Server with docker and create an LDAP Realm on WildFly Hard requirements For the sake of simplicity, we will start a Containerised version of OpenLdap, which is … Read more
How to configure an Elytron JAAS Security Realm
This article is a walk though the configuration of an Elytron JAAS security Realm on WildFly application server. We will shortly review how JAAS configuration works and then we will deploy an example application which leverages the JAAS Security Configuration file.
How to configure SSL/HTTPS on WildFly
This is a complete tutorial about configuring SSL/HTTPS support for JBoss EAP / WildFly application server. Generally speaking, to configure SSL/HTTPS you can either use the pure JSSE implementation (and the keytool utility) or a native implementation such as OpenSSL. We will cover at first the JSSE implementation with keytool. Later we will show how … Read more
Securing JBoss applications with PicketBox
PicketBox is the legacy security framework for JBoss / WildFly applications. This security framework is now deprecated on newer versions of WildFly and it’s therefore recommended to switch to Elytron.
Within the Security section of this site, you will find introduction and advanced tutorials to get started with Elytron.
How to run WildFly through a firewall
This tutorial will guide you through the configuration of firewall rules to run WildFly through a firewall.
Creating an Elytron Security Realm for WildFly
Elytron is WildFly’s security framework which has replaced the PicketBox legacy security system. In this tutorial we will have an overview of it and learn how to create a sample Elytron File System Realm to secure applications. Next, we will learn how to encrypt the content of Identities in the File System.
How to debug WildFly security issues
In this article we will discuss how to troubleshoot WildFly security issues by enabling the right Loggers or System Properties.
Ho to configure proxy settings in WildFly
This tutorial covers how to configure WildFly to use Proxy settings to manage connections through a Proxy and, if needed, Proxy authorization. Configuring WildFly to use Proxy Host settings is not different from any other Java application. Basically you need to include the following System Properties in your start script: http.proxyHost: the host name of … Read more