Red Hat Training

A Red Hat training course is available for Red Hat JBoss Data Virtualization

Chapter 4. Authentication Modules

4.1. Configuring Transports

The security-domain attribute within the transport element is used to set a comma separated list of desired security domains (and their associated authentication modules). 
<transport name="jdbc" protocol="teiid" socket-binding="teiid-jdbc">
     <authentication security-domain="teiid-security"/>
  </transport>
Usernames can be fully qualified to authenticate only against a particular domain: 
username@domainname
If a username is not fully qualified, the installed domains will be consulted in order until a domain successfully authenticates the user.
If no domain can authenticate the user, the login attempt will fail. Details of the failed attempt (including information such as invalid users and which domains were consulted) will be in the server log with appropriate levels of severity.
The security domain defined for each transport type can be different. Users can configure a unique transport for JDBC and ODBC (and for multiple JDBC ports), each with a different security domain.

Warning

In existing installations a security domain may already be configured for use by administrative clients (such as the management concole). If the admin connections (CLI and AdminShell) are not secured, it is recommended that you secure these interfaces by executing the EAP_HOME/bin/scripts/add-user.sh script.