[jboss-as7-dev] Use of CLI to add security-domain

Wolf-Dieter Fink wfink at redhat.com
Fri Jul 27 14:02:25 EDT 2012 

Hi,

I try to add this to the standalone.xml via CLI:

    <subsystem xmlns="urn:jboss:domain:security:1.2">
             <security-domains>
                  ....
                  <security-domain name="lbank" cache-type="default">
                     <authentication>
                         <login-module code="UsersRoles" flag="required">
                             <module-option name="usersProperties" 
value="${jboss.server.config.dir}/lbank-users.properties"/>
                             <module-option name="rolesProperties" 
value="${jboss.server.config.dir}/lbank-roles.properties"/>
                             <module-option name="password-stacking" 
value="useFirstPass"/>
                         </login-module>
                     </authentication>
                 </security-domain>


If I add it to XML the CLI will show:
/[standalone at localhost:9999 /] 
/subsystem=security/security-domain=lbank:read-resource(recursive=true)
{
     "outcome" => "success",
     "result" => {
         "acl" => undefined,
         "audit" => undefined,
         "authorization" => undefined,
         "cache-type" => "default",
         "identity-trust" => undefined,
         "jsse" => undefined,
         "mapping" => undefined,
         "authentication" => {"classic" => {"login-modules" => [{
             "code" => "UsersRoles",
             "flag" => "required",
             "module-options" => [
                 ("usersProperties" => expression 
"${jboss.server.config.dir}/lbank-users.properties"),
                 ("rolesProperties" => expression 
"${jboss.server.config.dir}/lbank-roles.properties"),
                 ("password-stacking" => "useFirstPass")
             ]
         }]}}
     }
}
[standalone at localhost:9999 /] 
/subsystem=security/security-domain=lbank/authentication=classic:read-attribute(name=login-modules)
{
     "outcome" => "success",
     "result" => [{
         "code" => "UsersRoles",
         "flag" => "required",
         "module-options" => [
             ("usersProperties" => expression 
"${jboss.server.config.dir}/lbank-users.properties"),
             ("rolesProperties" => expression 
"${jboss.server.config.dir}/lbank-roles.properties"),
             ("password-stacking" => "useFirstPass")
         ]
     }]
}
/

#simple is
//subsystem=security/security-domain=lbank:add(cache-type=default)/

but how to know that "classic" must used?
//subsystem=security/security-domain=lbank/authentication=/
tab completition will not help, only if I type =classic: the tab 
completition will show commands otherwise not

I suppose that this should be correct, but it shows an error:
EAP6
/[standalone at localhost:9999 /] 
/subsystem=security/security-domain=lbank/authentication=classic:write-attribute(name=login-modules,value=[{code=UsersRoles,flag=required}])
{
     "outcome" => "failed",
     "failure-description" => "JBAS014688: Wrong type for value. 
Expected [LIST] but was STRING",
     "rolled-back" => true
}
/
AS7.2 (upstream)
/[standalone at localhost:9999 /] 
/subsystem=security/security-domain=lbank/authentication=classic:write-attribute(name=login-modules,value=[{code=UsersRoles,flag=required}])
{
     "outcome" => "failed",
     "failure-description" => "JBAS014807: Management resource '[
     (\"subsystem\" => \"security\"),
     (\"security-domain\" => \"lbank2\"),
     (\"authentication\" => \"classic\")
]' not found",
     "rolled-back" => true
}/


Next difficulty is to add the module-options with expressions.

Any guiding or help?

Wolf



BTW the CLI tab completition crash:
//subsystem=security/security-domain=lbankx/authentication=(
java.lang.IllegalArgumentException: The argument value is not specified 
for name: 'null'
     at 
org.jboss.as.cli.operation.impl.DefaultOperationRequestBuilder.addProperty(DefaultOperationRequestBuilder.java:113)
     at 
org.jboss.as.cli.operation.impl.DefaultOperationCandidatesProvider.getProperties(DefaultOperationCandidatesProvider.java:208)
     at 
org.jboss.as.cli.operation.impl.DefaultOperationCandidatesProvider.getProperties(DefaultOperationCandidatesProvider.java:51)
     at 
org.jboss.as.cli.operation.OperationRequestCompleter.complete(OperationRequestCompleter.java:142)
     at org.jboss.as.cli.CommandCompleter.complete(CommandCompleter.java:93)
     at org.jboss.as.cli.impl.Console$Factory$1$1.complete(Console.java:96)
     at org.jboss.jreadline.console.Console.complete(Console.java:809)
     at org.jboss.jreadline.console.Console.read(Console.java:383)
     at org.jboss.jreadline.console.Console.read(Console.java:221)
     at org.jboss.as.cli.impl.Console$Factory$1.readLine(Console.java:166)
     at 
org.jboss.as.cli.impl.CommandContextImpl.interact(CommandContextImpl.java:1129)
     at org.jboss.as.cli.impl.CliLauncher.main(CliLauncher.java:243)
     at org.jboss.as.cli.CommandLineMain.main(CommandLineMain.java:34)
     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
     at 
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
     at 
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
     at java.lang.reflect.Method.invoke(Method.java:616)
     at org.jboss.modules.Module.run(Module.java:270)
     at org.jboss.modules.Main.main(Main.java:294)
/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/jboss-as7-dev/attachments/20120727/1359342f/attachment.html

More information about the jboss-as7-dev mailing list