Monday, July 3, 2017

Wildfly 10.1 Webservice Security with Custom Login Module

source code:   https://github.com/byorn/wildfly-webservice-security


A sample EAR, extracted from the WildFly Quickstarts, can be found at the above source.


It contains a @WebService with a @SecurityDomain, protecting the @WebMethod with defined roles.

The project's EJB section contains the module DelegationLoginModule.

This is a custom login module. How it authenticates the user name and password is described in the source comments.


The standalone.xml in WildFly 10 should have this configuration:


<security-domain name="other" cache-type="default">
    <authentication>
        <login-module code="byorns.com.login.module.DelegationLoginModule" flag="required">
            <module-option name="password-stacking" value="useFirstPass"/>
        </login-module>
    </authentication>
</security-domain>
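
A custom module of the kind configured above, written here as an added example; it is not the repository's DelegationLoginModule. It extends PicketBox's UsernamePasswordLoginModule, and the package, class name, user, password, salt and role are all constructed for illustration.

```java
package example.security; // hypothetical package, not the repository's

import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.acl.Group;
import java.util.Base64;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.security.auth.login.LoginException;
import org.jboss.security.SimpleGroup;
import org.jboss.security.SimplePrincipal;
import org.jboss.security.auth.spi.UsernamePasswordLoginModule;

public class ExampleLoginModule extends UsernamePasswordLoginModule {
    // Constructed sample values; a real store keeps a random salt per user.
    private static final byte[] SALT = "constructed-salt".getBytes();
    // Constructed one-user store: "alice" -> Base64(PBKDF2(password)).
    // A real module would look the record up in its backend instead.
    private static final String ALICE_HASH = hash("constructed-sample-password");

    private static String hash(String password) {
        try {
            PBEKeySpec spec = new PBEKeySpec(password.toCharArray(), SALT, 100_000, 256);
            byte[] dk = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256")
                    .generateSecret(spec).getEncoded();
            return Base64.getEncoder().encodeToString(dk);
        } catch (GeneralSecurityException e) {
            throw new IllegalStateException(e);
        }
    }

    @Override // stored credential for the user from the BASIC header; null = unknown user
    protected String getUsersPassword() throws LoginException {
        return "alice".equals(getUsername()) ? ALICE_HASH : null;
    }

    @Override // hash what the client sent, then compare in constant time
    protected boolean validatePassword(String inputPassword, String expectedPassword) {
        if (inputPassword == null || expectedPassword == null) return false;
        return MessageDigest.isEqual(hash(inputPassword).getBytes(), expectedPassword.getBytes());
    }

    @Override // roles go in a group named "Roles" so the role check on the web method can match
    protected Group[] getRoleSets() throws LoginException {
        SimpleGroup roles = new SimpleGroup("Roles");
        roles.addMember(new SimplePrincipal("ExampleRole")); // hypothetical role name
        return new Group[] { roles };
    }
}
```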

web.xml should have:

<login-config>
    <auth-method>BASIC</auth-method>
    <realm-name>RealmUsersRoles</realm-name>
</login-config>


Test with SoapUI, using Basic Authentication.

For more security-related debug output, add this logger to standalone.xml:

<logger category="org.jboss.security">
    <level name="TRACE"/>
</logger>