WildFly Management API Configuration: Difference between revisions

From NovaOrdis Knowledge Base
Jump to navigation Jump to search
No edit summary
Line 11: Line 11:


     <management>
     <management>
         <security-realms>
         <security-realms>
             <security-realm name="ManagementRealm">
             <security-realm name="ManagementRealm">
                 <authentication>
                 <authentication>
Line 21: Line 23:
                 </authorization>
                 </authorization>
             </security-realm>
             </security-realm>
             <security-realm name="ApplicationRealm">
             <security-realm name="ApplicationRealm">
                 <authentication>
                 <authentication>
Line 30: Line 33:
                 </authorization>
                 </authorization>
             </security-realm>
             </security-realm>
         </security-realms>
         </security-realms>
         <audit-log>
         <audit-log>
             <formatters>
             <formatters>
Line 44: Line 49:
             </logger>
             </logger>
         </audit-log>
         </audit-log>
         <management-interfaces>
         <management-interfaces>
             <http-interface security-realm="ManagementRealm" http-upgrade-enabled="true">
             <http-interface security-realm="ManagementRealm" http-upgrade-enabled="true">
                 <socket-binding http="management-http"/>
                 <socket-binding http="management-http"/>
             </http-interface>
             </http-interface>
         </management-interfaces>
         </management-interfaces>
         <access-control provider="simple">
         <access-control provider="simple">
             <role-mapping>
             <role-mapping>

Revision as of 02:25, 10 February 2016

Internal


Overview


    ...

    <management>

        <security-realms>

            <security-realm name="ManagementRealm">
                <authentication>
                    <local default-user="$local" skip-group-loading="true"/>
                    <properties path="mgmt-users.properties" relative-to="jboss.server.config.dir"/>
                </authentication>
                <authorization map-groups-to-roles="false">
                    <properties path="mgmt-groups.properties" relative-to="jboss.server.config.dir"/>
                </authorization>
            </security-realm>

            <security-realm name="ApplicationRealm">
                <authentication>
                    <local default-user="$local" allowed-users="*" skip-group-loading="true"/>
                    <properties path="application-users.properties" relative-to="jboss.server.config.dir"/>
                </authentication>
                <authorization>
                    <properties path="application-roles.properties" relative-to="jboss.server.config.dir"/>
                </authorization>
            </security-realm>

        </security-realms>

        <audit-log>
            <formatters>
                <json-formatter name="json-formatter"/>
            </formatters>
            <handlers>
                <file-handler name="file" formatter="json-formatter" relative-to="jboss.server.data.dir" path="audit-log.log"/>
            </handlers>
            <logger log-boot="true" log-read-only="false" enabled="false">
                <handlers>
                    <handler name="file"/>
                </handlers>
            </logger>
        </audit-log>

        <management-interfaces>

            <http-interface security-realm="ManagementRealm" http-upgrade-enabled="true">
                <socket-binding http="management-http"/>
            </http-interface>

        </management-interfaces>

        <access-control provider="simple">
            <role-mapping>
                <role name="SuperUser">
                    <include>
                        <user name="$local"/>
                    </include>
                </role>
            </role-mapping>
        </access-control>
    </management>

   ...