附录 A. 参考资料
A.1. wildfly-config.xml 示例
wildlfly-config.xml 文件是客户端使用 Elytron Client 的一种方法,它允许客户端在连接 JBoss EAP 时使用安全信息。有关使用 Elytron 客户端的详情,请参阅使用 Elytron 客户端配置客户端身份验证。
示例: custom-config.xml
<configuration>
<authentication-client xmlns="urn:elytron:client:1.2">
<authentication-rules>
<rule use-configuration="monitor">
<match-host name="127.0.0.1" />
</rule>
<rule use-configuration="administrator">
<match-host name="localhost" />
</rule>
</authentication-rules>
<authentication-configurations>
<configuration name="monitor">
<sasl-mechanism-selector selector="DIGEST-MD5" />
<providers>
<use-service-loader />
</providers>
<set-user-name name="monitor" />
<credentials>
<clear-password password="password1!" />
</credentials>
<set-mechanism-realm name="ManagementRealm" />
</configuration>
<configuration name="administrator">
<sasl-mechanism-selector selector="DIGEST-MD5" />
<providers>
<use-service-loader />
</providers>
<set-user-name name="administrator" />
<credentials>
<clear-password password="password1!" />
</credentials>
<set-mechanism-realm name="ManagementRealm" />
</configuration>
</authentication-configurations>
<net-authenticator/>
<!-- This decides which SSL context configuration to use -->
<ssl-context-rules>
<rule use-ssl-context="mycorp-client">
<match-host name="mycorp.com"/>
</rule>
</ssl-context-rules>
<ssl-contexts>
<default-ssl-context name="mycorp-context"/>
<ssl-context name="mycorp-context">
<key-store-ssl-certificate key-store-name="store1" alias="mycorp-client-certificate"/>
<!-- This is an OpenSSL-style cipher suite selection string; this example is the expanded form of DEFAULT to illustrate the format -->
<cipher-suite selector="ALL:!EXPORT:!LOW:!aNULL:!eNULL:!SSLv2"/>
<protocol names="TLSv1.2"/>
</ssl-context>
</ssl-contexts>
</authentication-client>
</configuration>
有关如何使用 wildfly-config.xml 文件配置客户端的更多信息,请参阅 JBoss EAP 开发指南 中的使用 wildfly-config.xml 文件进行客户端配置。