WildFly Management Interfaces: Difference between revisions
| Line 22: | Line 22: | ||
=Security= | =Security= | ||
Core management authentication is responsible for securing the management interfaces. Core management authentication is built into the core management and it is enabled and configured as a [ | Core management authentication is responsible for securing the management interfaces. Core management authentication is built into the core management and it is enabled and configured as a [[WildFly Core Services|core service]] by default. | ||
The management APIs relies on the [https://home.feodorov.com:9443/wiki/Wiki.jsp?page=JBoss7SecurityRealm#section-JBoss7SecurityRealm-ManagementRealm Management Realm] for authentication and authorization needs: in order to access the management API functionality, a user need to successfully authenticate against the Management Realm. Note that by default, no roles are required to access the management APIs, authentication is sufficient. | The management APIs relies on the [https://home.feodorov.com:9443/wiki/Wiki.jsp?page=JBoss7SecurityRealm#section-JBoss7SecurityRealm-ManagementRealm Management Realm] for authentication and authorization needs: in order to access the management API functionality, a user need to successfully authenticate against the Management Realm. Note that by default, no roles are required to access the management APIs, authentication is sufficient. | ||
Revision as of 01:24, 10 February 2016
Internal
Overview
WildFly core management functionality is exposed via two different management interfaces (the terms management interfaces and management APIs are used interchangeably):
- Native API - used by the Management CLI
- HTTP API - used by the Management CLI and the web-based Management Console.
These two interfaces offer distinct ways to access the same core management system.
Diagram
Configuration
Security
Core management authentication is responsible for securing the management interfaces. Core management authentication is built into the core management and it is enabled and configured as a core service by default.
The management APIs relies on the Management Realm for authentication and authorization needs: in order to access the management API functionality, a user need to successfully authenticate against the Management Realm. Note that by default, no roles are required to access the management APIs, authentication is sufficient.
JMX Management Beans
The management API is also exposed as JMX Management Beans. These Management Beans are referred to as core mbeans. Prior to WildFly, the management functionality was primarily JMX based. With WildFly, the core management does not rely on JMX to perform operations, JMX exposed beans are now just an alternative mechanism, in addition to the native and HTTP interfaces. [JBoss7 Remoting#JBossRemotingAndJMXAccess].
TODO:
- Does JMX read/write the same core management functionality? Explain that in more details.
- Migrate JBoss7Remoting#JBossRemotingAndJMXAccess https://home.feodorov.com:9443/wiki/Wiki.jsp?page=JBoss7Remoting#section-JBoss7Remoting-JBossRemotingAndJMXAccess