Did it. Correct, from a remote AS instance CLI authentication is prompted.<br><br><div class="gmail_quote">2011/11/23 Darran Lofthouse <span dir="ltr"><<a href="mailto:darran.lofthouse@jboss.com">darran.lofthouse@jboss.com</a>></span><br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;"><div class="im">On 11/23/2011 01:55 PM, Francesco Marchioni wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
Hi all,<br>
so far I have tested the following options:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
I don’t think so (although I haven’t tried it). This is because your<br>
</blockquote>
mgmt-user.properties file has no >users listed.<br>
No, even after adding an user (with the add-user.cmd command) still no<br>
authentication required by CLI<br>
</blockquote>
<br></div>
That is expected if you are local you already have access to the server configuration so a connection can be negotiated without requiring a username and password.<div class="im"><br>
<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
>>>> @Wondering if that works for the console as well?<br>
Yes the http console issues a BASIC authentication popup.<br>
</blockquote>
<br></div>
The popup is actually a DIGEST popup<div class="im"><br>
<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
>>>> AFAIK the CLI checks if you are on localhost. In that case the<br>
authentication is not<br>
>>>> required.<br>
I've checked binding server and management interface to another IP<br>
address available on my card and still no authentication requested by CLI<br>
</blockquote>
<br></div>
The CLI will detect that the address is not really remote.<div class="im"><br>
<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
The only test I'm missing at the moment is connecting to a remote AS<br>
instance.<br>
</blockquote>
<br></div>
Yes that is the test you are missing.<br>
<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div class="im">
<br>
Regards<br>
Francesco<br>
<br>
2011/11/23 Dimitris Andreadis <<a href="mailto:dandread@redhat.com" target="_blank">dandread@redhat.com</a><br></div>
<mailto:<a href="mailto:dandread@redhat.com" target="_blank">dandread@redhat.com</a>>><div><div class="h5"><br>
<br>
For a once-off, that makes more sense.<br>
<br>
On 23/11/2011 14:47, Darran Lofthouse wrote:<br>
> On 11/23/2011 12:40 PM, Dimitris Andreadis wrote:<br>
>> Starting the console from a script is not really an option, IMO.<br>
><br>
> In general no - there is no plan to drop direct access using a<br>
URL and no plan to drop<br>
> existing HTTP authentication.<br>
><br>
> The starting from a script idea is more for the scenario of how<br>
do we connect to a secured<br>
> system and authenticate so we can add a user to that system when<br>
there are no users<br>
> currently defined on that system.<br>
><br>
>> On 23/11/2011 14:17, Darran Lofthouse wrote:<br>
>>> On 11/23/2011 12:10 PM, Heiko Braun wrote:<br>
>>>><br>
>>>><br>
>>>> AFAIK the CLI checks if you are on localhost. In that case the<br>
authentication is not<br>
>>>> required.<br>
>>><br>
>>> That is correct, I am just writing an article to send round<br>
with the<br>
>>> details.<br>
>>><br>
>>> The CLI will have authenticated against the server but as you<br>
are local<br>
>>> to the server it will have used a silent authentication mechanism.<br>
>>><br>
>>>> @Wondering if that works for the console as well?<br>
>>><br>
>>> Unfortunately no the console has a different set of issues as<br>
the web<br>
>>> browser doesn't have access to the filesystem, I am considering<br>
if we<br>
>>> can start the console from a script to pass some form of token<br>
but at<br>
>>> the moment the console does retain the need for a username and<br>
password.<br>
>>><br>
>>>> Ike<br>
>>>><br>
>>>> On Nov 23, 2011, at 1:03 PM, Francesco Marchioni wrote:<br>
>>>><br>
>>>>> Hi all !<br>
>>>>> In the release notes it's mentioned that management<br>
interfaces will be secured by<br>
>>>>> default, however in the very first test I did, no<br>
authentication was asked. (Although<br>
>>>>> in the configuration there is a ManagementRealm associated<br>
with the management<br>
>>>>> interfaces).<br>
>>>>> Have I hit a bug ?<br>
>>>>> Regards<br>
>>>>> Francesco<br>
>>>>><br>
>>>>> ______________________________<u></u>_________________<br>
>>>>> jboss-as7-dev mailing list<br>
>>>>> <a href="mailto:jboss-as7-dev@lists.jboss.org" target="_blank">jboss-as7-dev@lists.jboss.org</a><br></div></div>
<mailto:<a href="mailto:jboss-as7-dev@lists.jboss.org" target="_blank">jboss-as7-dev@lists.<u></u>jboss.org</a>><div class="im"><br>
>>>>> <a href="https://lists.jboss.org/mailman/listinfo/jboss-as7-dev" target="_blank">https://lists.jboss.org/<u></u>mailman/listinfo/jboss-as7-dev</a><br>
>>>><br>
>>>><br>
>>>> ______________________________<u></u>_________________<br>
>>>> jboss-as7-dev mailing list<br>
>>>> <a href="mailto:jboss-as7-dev@lists.jboss.org" target="_blank">jboss-as7-dev@lists.jboss.org</a><br></div>
<mailto:<a href="mailto:jboss-as7-dev@lists.jboss.org" target="_blank">jboss-as7-dev@lists.<u></u>jboss.org</a>><div class="im"><br>
>>>> <a href="https://lists.jboss.org/mailman/listinfo/jboss-as7-dev" target="_blank">https://lists.jboss.org/<u></u>mailman/listinfo/jboss-as7-dev</a><br>
>>> ______________________________<u></u>_________________<br>
>>> jboss-as7-dev mailing list<br>
>>> <a href="mailto:jboss-as7-dev@lists.jboss.org" target="_blank">jboss-as7-dev@lists.jboss.org</a><br></div>
<mailto:<a href="mailto:jboss-as7-dev@lists.jboss.org" target="_blank">jboss-as7-dev@lists.<u></u>jboss.org</a>><div class="im"><br>
>>> <a href="https://lists.jboss.org/mailman/listinfo/jboss-as7-dev" target="_blank">https://lists.jboss.org/<u></u>mailman/listinfo/jboss-as7-dev</a><br>
>><br>
<br>
--<br>
xxxxxxxxxxxxxxxxxxxxxxxxxxxx<br>
Dimitris Andreadis<br>
Software Engineering Manager<br>
JBoss Application Server<br>
by Red Hat<br>
xxxxxxxxxxxxxxxxxxxxxxxxxxxx<br>
<br>
<a href="http://dandreadis.blogspot.com/" target="_blank">http://dandreadis.blogspot.<u></u>com/</a><br>
______________________________<u></u>_________________<br>
jboss-as7-dev mailing list<br></div>
<a href="mailto:jboss-as7-dev@lists.jboss.org" target="_blank">jboss-as7-dev@lists.jboss.org</a> <mailto:<a href="mailto:jboss-as7-dev@lists.jboss.org" target="_blank">jboss-as7-dev@lists.<u></u>jboss.org</a>><br>
<a href="https://lists.jboss.org/mailman/listinfo/jboss-as7-dev" target="_blank">https://lists.jboss.org/<u></u>mailman/listinfo/jboss-as7-dev</a><br>
<br>
<br>
</blockquote>
</blockquote></div><br>