9.7.8. Configure Security Realms for the Management Interfaces

The Management Interfaces use security realms to control authentication and access to the configuration mechanisms of JBoss Enterprise Application Platform. This topic shows you how to read and configure security realms. These commands use the Management CLI.
Read a Security Realm's Configuration

This example shows the default configuration for the ManagementRealm security realm. It uses a file called mgmt-users.properties to store its configuration information.

Example 9.18. Default ManagementRealm

	/host=master/core-service=management/security-realm=ManagementRealm/:read-resource(recursive=true,proxies=false,include-runtime=false,include-defaults=true)
{
    "outcome" => "success",
    "result" => {
        "authorization" => undefined,
        "server-identity" => undefined,
        "authentication" => {"properties" => {
            "path" => "mgmt-users.properties",
            "plain-text" => false,
            "relative-to" => "jboss.domain.config.dir"
        }}
    }
}
Write a Security Realm

The following commands create a new security realm called TestRealm and set the name and directory for the relevant properties file.

Example 9.19. Writing a Security Realm

/host=master/core-service=management/security-realm=TestRealm/:add
/host=master/core-service=management/security-realm=TestRealm/authentication=properties/:write-attribute(name=path,value=TestUsers.properties)
/host=master/core-service=management/security-realm=TestRealm/authentication=properties/:write-attribute(name=relative-to,value=jboss.domain.config.dir)
Apply a Security Realm to the Management Interface

After adding a security realm, supply its name as a reference to the Management Interface.

Example 9.20. Add a Security Realm to a Management Interface

host=master/core-service=management/management-interface=http-interface/:write-attribute(name=security-realm,value=TestRealm)
Changes to management interfaces take effect after JBoss Enterprise Application Platform is restarted.