What is the purpose of the "other", "jboss-web-policy", "jboss-ejb-policy" security-domains in JBoss EAP 6?
Issue
- In the security sub-system what are the following the security domains defined by default "other", "jboss-web-policy", "jboss-ejb-policy" meant for:
The section of the standalone xml file is below:
<subsystem xmlns="urn:jboss:domain:security:1.2">
<security-domains>
<security-domain name="ImaRealm" cache-type="default">
<authentication>
<login-module code="ima.code.ImaCustomLoginModule" flag="required" module="ima.code"/>
</authentication>
</security-domain>
<security-domain name="other" cache-type="default">
<authentication>
<login-module code="Remoting" flag="optional">
<module-option name="password-stacking" value="useFirstPass"/>
</login-module>
<login-module code="RealmDirect" flag="required">
<module-option name="password-stacking" value="useFirstPass"/>
</login-module>
</authentication>
</security-domain>
<security-domain name="jboss-web-policy" cache-type="default">
<authorization>
<policy-module code="Delegating" flag="required"/>
</authorization>
</security-domain>
<security-domain name="jboss-ejb-policy" cache-type="default">
<authorization>
<policy-module code="Delegating" flag="required"/>
</authorization>
</security-domain>
</security-domains>
</subsystem>
- For authentication of all requests that come to the server there is a third party SSO solution. For that configured the security domain "ImaRealm" is configured ,can the rest of the security domains be removed?
- How to secure application using
ApplicationRealmuser added usingadd-user.shscript?
Environment
- Red Hat JBoss Enterprise Application Platform (EAP)
- 6.x
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.
