10.7.8. Configure Security Realms for the Management Interfaces

The Management Interfaces use security realms to control authentication and access to the configuration mechanisms of JBoss EAP 6. This topic shows you how to read and configure security realms. These commands use the Management CLI.
Read a Security Realm's Configuration

This example shows the default configuration for the ManagementRealm security realm. It uses a file called mgmt-users.properties to store its configuration information.

Example 10.18. Default ManagementRealm

	/host=master/core-service=management/security-realm=ManagementRealm/:read-resource(recursive=true,proxies=false,include-runtime=false,include-defaults=true)
{
    "outcome" => "success",
    "result" => {
        "authorization" => undefined,
        "server-identity" => undefined,
        "authentication" => {"properties" => {
            "path" => "mgmt-users.properties",
            "plain-text" => false,
            "relative-to" => "jboss.domain.config.dir"
        }}
    }
}
Write a Security Realm

The following commands create a new security realm called TestRealm and set the directory for the relevant properties file.

Example 10.19. Writing a Security Realm

/host=master/core-service=management/security-realm=TestRealm/:add
/host=master/core-service=management/security-realm=TestRealm/authentication=properties/:add(path=TestUsers.properties, relative-to=jboss.domain.config.dir)
Apply a Security Realm to the Management Interface

After adding a security realm, supply it as a reference to the Management Interface.

Example 10.20. Add a Security Realm to a Management Interface

/host=master/core-service=management/management-interface=http-interface/:write-attribute(security-realm=TestRealm)