Red Hat Training

A Red Hat training course is available for Red Hat Fuse

2.4. Configuring Roles for the Administrative Protocols

Overview

By configuring each of the administrative functions to use a different role for authorization, you can provide fine grained control over who can monitor and manipulate running containers.

Administration protocols

You can independently configure roles for the following different administrative protocols:
  • SSH (remote console login)
  • JMX management

Default role

The default role name for all of the administration protocols is set by the karaf.admin.role property in the Red Hat JBoss Fuse's etc/system.properties file. For example, the default setting of karaf.admin.role is:
karaf.admin.role=admin
You have the option of overriding the default admin role set by karaf.admin.role for each of the administrative protocols.

Changing the remote console's role

To override the default role for the remote console add a sshRole property to the org.apache.karaf.shell PID. The following sets the role to admin:
sshRole=admin

Changing the JMX role

To override the default role for JMX add a jmxRole property to the org.apache.karaf.management PID. The following sets the role to jmx:
jmxRole=jmx