[jboss-as7-dev] Use of CLI to add security-domain
Wolf-Dieter Fink
wfink at redhat.com
Mon Jul 30 05:14:30 EDT 2012
Thanks Tomaz,
but in my case I strip the command and did not use module-options but
neither EAP6 nor AS7.2.
The messages are different, see eMail thread.
The validation looks correct in case of AS7.2, if I drop i.e. 'flag' a
validation error is shown.
Wolf
On 07/28/2012 10:54 PM, Tomaž Cerar wrote:
> Wolf,
>
> module-options do not support expressions yet, there is an issue open
> to add support for it: https://issues.jboss.org/browse/AS7-5177
> I have started working on it, but am not done yet..
>
> --
> tomaz
>
> On Fri, Jul 27, 2012 at 8:02 PM, Wolf-Dieter Fink <wfink at redhat.com
> <mailto:wfink at redhat.com>> wrote:
>
> Hi,
>
> I try to add this to the standalone.xml via CLI:
>
> <subsystem xmlns="urn:jboss:domain:security:1.2">
> <security-domains>
> ....
> <security-domain name="lbank" cache-type="default">
> <authentication>
> <login-module code="UsersRoles"
> flag="required">
> <module-option name="usersProperties"
> value="${jboss.server.config.dir}/lbank-users.properties"/>
> <module-option name="rolesProperties"
> value="${jboss.server.config.dir}/lbank-roles.properties"/>
> <module-option
> name="password-stacking" value="useFirstPass"/>
> </login-module>
> </authentication>
> </security-domain>
>
>
> If I add it to XML the CLI will show:
> /[standalone at localhost:9999 /]
> /subsystem=security/security-domain=lbank:read-resource(recursive=true)
> {
> "outcome" => "success",
> "result" => {
> "acl" => undefined,
> "audit" => undefined,
> "authorization" => undefined,
> "cache-type" => "default",
> "identity-trust" => undefined,
> "jsse" => undefined,
> "mapping" => undefined,
> "authentication" => {"classic" => {"login-modules" => [{
> "code" => "UsersRoles",
> "flag" => "required",
> "module-options" => [
> ("usersProperties" => expression
> "${jboss.server.config.dir}/lbank-users.properties"),
> ("rolesProperties" => expression
> "${jboss.server.config.dir}/lbank-roles.properties"),
> ("password-stacking" => "useFirstPass")
> ]
> }]}}
> }
> }
> [standalone at localhost:9999 /]
> /subsystem=security/security-domain=lbank/authentication=classic:read-attribute(name=login-modules)
> {
> "outcome" => "success",
> "result" => [{
> "code" => "UsersRoles",
> "flag" => "required",
> "module-options" => [
> ("usersProperties" => expression
> "${jboss.server.config.dir}/lbank-users.properties"),
> ("rolesProperties" => expression
> "${jboss.server.config.dir}/lbank-roles.properties"),
> ("password-stacking" => "useFirstPass")
> ]
> }]
> }
> /
>
> #simple is
> //subsystem=security/security-domain=lbank:add(cache-type=default)/
>
> but how to know that "classic" must used?
> //subsystem=security/security-domain=lbank/authentication=/
> tab completition will not help, only if I type =classic: the tab
> completition will show commands otherwise not
>
> I suppose that this should be correct, but it shows an error:
> EAP6
> /[standalone at localhost:9999 /]
> /subsystem=security/security-domain=lbank/authentication=classic:write-attribute(name=login-modules,value=[{code=UsersRoles,flag=required}])
> {
> "outcome" => "failed",
> "failure-description" => "JBAS014688: Wrong type for value.
> Expected [LIST] but was STRING",
> "rolled-back" => true
> }
> /
> AS7.2 (upstream)
> /[standalone at localhost:9999 /]
> /subsystem=security/security-domain=lbank/authentication=classic:write-attribute(name=login-modules,value=[{code=UsersRoles,flag=required}])
> {
> "outcome" => "failed",
> "failure-description" => "JBAS014807: Management resource '[
> (\"subsystem\" => \"security\"),
> (\"security-domain\" => \"lbank\"),
> (\"authentication\" => \"classic\")
> ]' not found",
> "rolled-back" => true
> }/
>
>
> Next difficulty is to add the module-options with expressions.
>
> Any guiding or help?
>
> Wolf
>
>
>
> BTW the CLI tab completition crash:
> //subsystem=security/security-domain=lbankx/authentication=(
> java.lang.IllegalArgumentException: The argument value is not
> specified for name: 'null'
> at
> org.jboss.as.cli.operation.impl.DefaultOperationRequestBuilder.addProperty(DefaultOperationRequestBuilder.java:113)
> at
> org.jboss.as.cli.operation.impl.DefaultOperationCandidatesProvider.getProperties(DefaultOperationCandidatesProvider.java:208)
> at
> org.jboss.as.cli.operation.impl.DefaultOperationCandidatesProvider.getProperties(DefaultOperationCandidatesProvider.java:51)
> at
> org.jboss.as.cli.operation.OperationRequestCompleter.complete(OperationRequestCompleter.java:142)
> at
> org.jboss.as.cli.CommandCompleter.complete(CommandCompleter.java:93)
> at
> org.jboss.as.cli.impl.Console$Factory$1$1.complete(Console.java:96)
> at org.jboss.jreadline.console.Console.complete(Console.java:809)
> at org.jboss.jreadline.console.Console.read(Console.java:383)
> at org.jboss.jreadline.console.Console.read(Console.java:221)
> at
> org.jboss.as.cli.impl.Console$Factory$1.readLine(Console.java:166)
> at
> org.jboss.as.cli.impl.CommandContextImpl.interact(CommandContextImpl.java:1129)
> at org.jboss.as.cli.impl.CliLauncher.main(CliLauncher.java:243)
> at org.jboss.as.cli.CommandLineMain.main(CommandLineMain.java:34)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:616)
> at org.jboss.modules.Module.run(Module.java:270)
> at org.jboss.modules.Main.main(Main.java:294)
> /
>
> _______________________________________________
> jboss-as7-dev mailing list
> jboss-as7-dev at lists.jboss.org <mailto:jboss-as7-dev at lists.jboss.org>
> https://lists.jboss.org/mailman/listinfo/jboss-as7-dev
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/jboss-as7-dev/attachments/20120730/c69dfbd9/attachment.html
More information about the jboss-as7-dev
mailing list