What is the purpose of the "other", "jboss-web-policy", "jboss-ejb-policy" security-domains in JBoss EAP 6?
Issue
- In the security sub-system what are the following the security domains defined by default "other", "jboss-web-policy", "jboss-ejb-policy" meant for:
The section of the standalone xml file is below:
<subsystem xmlns="urn:jboss:domain:security:1.2">
<security-domains>
<security-domain name="ImaRealm" cache-type="default">
<authentication>
<login-module code="ima.code.ImaCustomLoginModule" flag="required" module="ima.code"/>
</authentication>
</security-domain>
<security-domain name="other" cache-type="default">
<authentication>
<login-module code="Remoting" flag="optional">
<module-option name="password-stacking" value="useFirstPass"/>
</login-module>
<login-module code="RealmDirect" flag="required">
<module-option name="password-stacking" value="useFirstPass"/>
</login-module>
</authentication>
</security-domain>
<security-domain name="jboss-web-policy" cache-type="default">
<authorization>
<policy-module code="Delegating" flag="required"/>
</authorization>
</security-domain>
<security-domain name="jboss-ejb-policy" cache-type="default">
<authorization>
<policy-module code="Delegating" flag="required"/>
</authorization>
</security-domain>
</security-domains>
</subsystem>
- For authentication of all requests that come to the server there is a third party SSO solution. For that configured the security domain "ImaRealm" is configured ,can the rest of the security domains be removed?
- How to secure application using
ApplicationRealmuser added usingadd-user.shscript?
Environment
- Red Hat JBoss Enterprise Application Platform (EAP)
- 6.x
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.
