10.7.8. Configure Security Realms for the Management Interfaces
This example shows the default configuration for the ManagementRealm
security realm. It uses a file called mgmt-users.properties
to store its configuration information.
Example 10.18. Default ManagementRealm
/host=master/core-service=management/security-realm=ManagementRealm/:read-resource(recursive=true,proxies=false,include-runtime=false,include-defaults=true)
{
"outcome" => "success",
"result" => {
"authorization" => undefined,
"server-identity" => undefined,
"authentication" => {"properties" => {
"path" => "mgmt-users.properties",
"plain-text" => false,
"relative-to" => "jboss.domain.config.dir"
}}
}
}
The following commands create a new security realm called TestRealm
and set the directory for the relevant properties file.
Example 10.19. Writing a Security Realm
/host=master/core-service=management/security-realm=TestRealm/:add
/host=master/core-service=management/security-realm=TestRealm/authentication=properties/:add(path=TestUsers.properties, relative-to=jboss.domain.config.dir)
After adding a security realm, supply it as a reference to the Management Interface.
Example 10.20. Add a Security Realm to a Management Interface
/host=master/core-service=management/management-interface=http-interface/:write-attribute(security-realm=TestRealm)