10.7.8. Configure Security Realms for the Management Interfaces
The Management Interfaces use security realms to control authentication and access to the configuration mechanisms of JBoss EAP 6. This topic shows you how to read and configure security realms. These commands use the Management CLI.
Read a Security Realm's Configuration
This example shows the default configuration for the ManagementRealm
security realm. It uses a file called mgmt-users.properties
to store its configuration information.
Example 10.17. Default ManagementRealm
/host=master/core-service=management/security-realm=ManagementRealm/:read-resource(recursive=true,proxies=false,include-runtime=false,include-defaults=true)
{
"outcome" => "success",
"result" => {
"authorization" => undefined,
"server-identity" => undefined,
"authentication" => {"properties" => {
"path" => "mgmt-users.properties",
"plain-text" => false,
"relative-to" => "jboss.domain.config.dir"
}}
}
}
Write a Security Realm
The following commands create a new security realm called TestRealm
and set the directory for the relevant properties file.
Example 10.18. Writing a Security Realm
/host=master/core-service=management/security-realm=TestRealm/:add
/host=master/core-service=management/security-realm=TestRealm/authentication=properties/:add(path=TestUsers.properties, relative-to=jboss.domain.config.dir)
Apply a Security Realm to the Management Interface
After adding a security realm, supply it as a reference to the Management Interface.
Example 10.19. Add a Security Realm to a Management Interface
/host=master/core-service=management/management-interface=http-interface/:write-attribute(security-realm=TestRealm)