Extension for registering Java Security Providers in JBoss AS at runtime.
Current version supports SunPKCS11 provider and providers with public constructor without arguments.
You need to have git installed
$ git clone git://github.com/kwart/jboss-as-security-providers-extension.git
You need to have Maven installed
$ cd jboss-as-security-providers-extension
$ mvn clean install
Copy the produced module to the JBoss AS modules (set correct path to $JBOSS_HOME):
$ JBOSS_HOME=/home/test/jboss-as
$ cp -R target/modules/* "$JBOSS_HOME/modules"
Until sun.jdk package exports are fixed (JBPAPP6-1748) in the JBoss AS you have to edit file $JBOSS_HOME/modules/sun/jdk/main/module.xml manually. Add this line to exports:
<path name="sun/security/pkcs11"/>
Use the CLI - jboss-cli.sh (or .bat). Add the AS extension and register the security provider(s):
/extension=org.jboss.as.security.providers:add
/subsystem=security-providers:add
/subsystem=security-providers/sunpkcs11=NSSfips:add(attributes=[("nssLibraryDirectory"=>"/opt/tests/nss/lib"),("nssSecmodDirectory"=>"/opt/tests/nss/fipsdb"),("nssModule"=>"fips")])
Look at Java PKCS#11 Reference Guide to get list of possible attribues.
Check JBoss AS console (or log files) if no error occures during the Security Provider registration.