EAP, how to management-interfaces with multiple or fail-over security-realm(s)

Latest response

I have a working configuration for the native-interface and http-interface, with ldap login.

But I want a second or even more security-realm as fail-over, with user/password.

How do I configure that?

TD
Log in to join the conversation

Responses

Mustafa Musaji's picture Red Hat Guru 1798 points
3 September 2014 11:00 AM

I'm not sure I understand what you mean. Can you give us a use case that might help me understand this a little better?

TD Community Member 27 points
3 September 2014 1:24 PM

I'm sorry, english is not me native language.

I want a combined system for management security with ldap login and user/password login.

Mustafa Musaji's picture Red Hat Guru 1798 points
3 September 2014 1:37 PM

Hi Peter

I think it might be better if you raise a case with our support team for this. I've asked our security guys to take a look at this but I think we may need more information which is better handled over a case.

Regards
Mustafa

DP Newbie 7 points
25 August 2015 11:15 PM

He meant what if ldap is not available, how do we access JBOSS console/jboss-cli.sh.
For example, if ldap fails, we could use an user that is created in this realm:

security-realm name="ManagementRealm"
properties path="mgmt-users.properties" relative-to="jboss.domain.config.dir"
properties path="mgmt-groups.properties" relative-to="jboss.domain.config.dir"

But its not possible to configure more than one type in security-realm:

management-interfaces
native-interface security-realm="OpenLDAPRealm"
socket interface="management" port="${jboss.management.native.port:9999}"
native-interface
http-interface security-realm="OpenLDAPRealm"
socket interface="management" port="${jboss.management.http.port:9990}"
http-interface
management-interfaces
management

Daniela

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.