5.10. Secure the Management Interfaces via JAAS

To use JAAS to authenticate to the Management interfaces:
First, create a security domain with the UsersRoles login module:
/subsystem=security/security-domain=UsersLMDomain:add(cache-type=default)
/subsystem=security/security-domain=UsersLMDomain/authentication=classic:add
/subsystem=security/security-domain=UsersLMDomain/authentication=classic/login-module=UsersRoles:add()
Then, create a security realm with JAAS Authentication:
/core-service=management/security-realm=SecurityDomainAuthnRealm:add
/core-service=management/security-realm=SecurityDomainAuthnRealm/authentication=jaas:add(name=UsersLMDomain)
The assign-groups attribute determines whether the user membership information loaded from the security domain is used for group assignment in the security realm. When set to true, this group assignment is used for Role-Based Access Control (RBAC).
The assign-groups attribute can be set to true by this CLI command:
/core-service=management/security-realm=SecurityDomainAuthnRealm/authentication=jaas:write-attribute(name=assign-groups,value=true)
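
A configuration check for the procedure above, as an added example that is not part of the original documentation: it parses a standalone.xml-style configuration and reports a JAAS realm that names an undefined security domain, an assign-groups value that is not true, or a management interface still bound to a non-JAAS realm. The XML element and attribute names (the persisted form of the CLI resources, including the http-interface and native-interface elements) and the sample document are assumptions constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample: trimmed configuration in the assumed standalone.xml layout.
SAMPLE = """<server xmlns="urn:jboss:domain:1.7">
  <management>
    <security-realms>
      <security-realm name="SecurityDomainAuthnRealm">
        <authentication><jaas name="UsersLMDomain"/></authentication>
      </security-realm>
    </security-realms>
    <management-interfaces>
      <http-interface security-realm="ManagementRealm"/>
    </management-interfaces>
  </management>
  <profile><subsystem xmlns="urn:jboss:domain:security:1.2"><security-domains>
    <security-domain name="UsersLMDomain" cache-type="default"/>
  </security-domains></subsystem></profile>
</server>"""

def local(el):
    """Tag name without its XML namespace, so any schema version parses."""
    return el.tag.rsplit("}", 1)[-1]

def find_all(root, name):
    return [el for el in root.iter() if local(el) == name]

def audit(xml_text):
    """Return a list of findings; an empty list means the JAAS setup is consistent."""
    root = ET.fromstring(xml_text)
    findings = []
    domains = {d.get("name") for d in find_all(root, "security-domain") if d.get("name")}
    jaas_realms = set()
    for realm in find_all(root, "security-realm"):
        rname = realm.get("name")
        for jaas in find_all(realm, "jaas"):
            jaas_realms.add(rname)
            if jaas.get("name") not in domains:
                findings.append(f"realm {rname}: security domain {jaas.get('name')} not defined")
            if jaas.get("assign-groups", "false") != "true":
                findings.append(f"realm {rname}: assign-groups is not true, domain groups unused for RBAC")
    if not jaas_realms:
        findings.append("no security realm uses JAAS authentication")
    for iface in find_all(root, "native-interface") + find_all(root, "http-interface"):
        if iface.get("security-realm") not in jaas_realms:
            findings.append(f"{local(iface)}: bound to realm {iface.get('security-realm')}, not a JAAS realm")
    return findings

if __name__ == "__main__":
    for line in audit(SAMPLE):
        print(line)
```

On the constructed sample the audit reports two findings: assign-groups is unset on the JAAS realm, and the HTTP management interface still references a different realm.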