switched to AccountRealm support including JWT support

updated setup according to new code structure

account-ui/src/main/filters/production.properties

@@ -1,16 +1,17 @@
 jsf.projectStage=Production
 
-ldap.url = ldaps://your.domain.com
+ldap.url = ldaps://host:port
+## we will use provided username / password from webapplication
 ldap.user = user
 ldap.password = secret
-ldap.suffix = @your.domain.com
+ldap.suffix = @diebold.com
-ldap.fallbackSuffix = @your.domain2
+ldap.fallbackSuffix = @dieboldnixdorf.com
-ldap.searchBase = dc=com,dc=domain,dc.your
+ldap.searchBase = dc=ad,dc=diebold,dc=com
 ldap.searchFilter = (&(objectClass=*)(mail={0}))
 
 ## NO CHANGES BEHIND THIS LINE REQUIRED
 shiro.contextFactory = contextFactory = org.apache.shiro.realm.ldap.JndiLdapContextFactory${line.separator}contextFactory.url = ${ldap.url}${line.separator}contextFactory.systemUsername = ${ldap.user}${line.separator}contextFactory.systemPassword = ${ldap.password}${line.separator}contextFactory.environment[java.naming.security.protocol] = ssl
 shiro.passwordMatcher= passwordMatcher=org.apache.shiro.authc.credential.AllowAllCredentialsMatcher
-shiro.ldapRealm = ldapRealm = de.muehlencord.shared.account.util.UserNameActiveDirectoryRealm${line.separator}ldapRealm.principalSuffix = ${ldap.suffix}${line.separator}ldapRealm.fallbackPrincipalSuffix = ${ldap.fallbackSuffix}${line.separator}ldapRealm.ldapContextFactory = $contextFactory${line.separator}ldapRealm.searchBase = ${ldap.searchBase}${line.separator}ldapRealm.searchFilter = ${ldap.searchFilter}${line.separator}ldapRealm.permissionsLookupEnabled=false
+shiro.ldapRealm = ldapRealm = de.muehlencord.shared.account.shiro.realm.UserNameActiveDirectoryRealm${line.separator}ldapRealm.principalSuffix = ${ldap.suffix}${line.separator}ldapRealm.fallbackPrincipalSuffix = ${ldap.fallbackSuffix}${line.separator}ldapRealm.ldapContextFactory = $contextFactory${line.separator}ldapRealm.searchBase = ${ldap.searchBase}${line.separator}ldapRealm.searchFilter = ${ldap.searchFilter}${line.separator}ldapRealm.permissionsLookupEnabled=false
 shiro.authcStrategy  = org.apache.shiro.authc.pam.AllSuccessfulStrategy
 shiro.realms=$jdbcRealm,$ldapRealm

account-ui/src/main/webapp/WEB-INF/shiro.ini

@@ -28,11 +28,8 @@ ${shiro.passwordMatcher}
 ${shiro.ldapRealm}
 
 # JDBC Realm setup
-jdbcRealm = org.apache.shiro.realm.jdbc.JdbcRealm
+jdbcRealm = de.muehlencord.shared.account.shiro.realm.AccountRealm
-jdbcRealm.permissionsLookupEnabled=true
+jdbcRealm.applicationId = ${applicationUuid}
-jdbcRealm.authenticationQuery = SELECT accl.account_password from account acc, account_login accl, account_role accr, application_role appr WHERE accl.account = acc.id AND acc.id = accr.account AND accr.account_role = appr.id AND appr.application = '143a2bd3-7e0b-4162-a76e-3031331c7dfe' AND acc.status not in ('LOCKED','DELETED','DISABLED') AND acc.username = ?
-jdbcRealm.userRolesQuery = select r.role_name from application_role r, account_role ar, account a WHERE a.username = ? AND a.id = ar.account AND ar.account_role = r.id
-jdbcRealm.permissionsQuery = select permission_name from application_role appr, role_permission rp, application_permission appp WHERE appr.role_name = ? AND appr.application = '${applicationUuid}' AND rp.application_role = appr.id AND rp.role_permission = appp.id
 jdbcRealm.credentialsMatcher = $passwordMatcher
 jdbcRealm.dataSource = $datasource