9.7.8. Configure Security Realms for the Management Interfaces
This example shows the default configuration for the ManagementRealm
security realm. It uses a file called mgmt-users.properties
to store its configuration information.
Example 9.18. Default ManagementRealm
/host=master/core-service=management/security-realm=ManagementRealm/:read-resource(recursive=true,proxies=false,include-runtime=false,include-defaults=true)
{
"outcome" => "success",
"result" => {
"authorization" => undefined,
"server-identity" => undefined,
"authentication" => {"properties" => {
"path" => "mgmt-users.properties",
"plain-text" => false,
"relative-to" => "jboss.domain.config.dir"
}}
}
}
The following commands create a new security realm called TestRealm
and set the name and directory for the relevant properties file.
Example 9.19. Writing a Security Realm
/host=master/core-service=management/security-realm=TestRealm/:add
/host=master/core-service=management/security-realm=TestRealm/authentication=properties/:write-attribute(name=path,value=TestUsers.properties)
/host=master/core-service=management/security-realm=TestRealm/authentication=properties/:write-attribute(name=relative-to,value=jboss.domain.config.dir)
After adding a security realm, supply its name as a reference to the Management Interface.
Example 9.20. Add a Security Realm to a Management Interface
host=master/core-service=management/management-interface=http-interface/:write-attribute(name=security-realm,value=TestRealm)