Thanks Tomaz,

but in my case I strip the command and did not use module-options but neither EAP6 nor AS7.2.
The messages are different, see eMail thread.
The validation looks correct in case of AS7.2, if I drop i.e. 'flag' a validation error is shown.

Wolf

On 07/28/2012 10:54 PM, Tomaž Cerar wrote:
Wolf,

module-options do not support expressions yet, there is an issue open to add support for it: https://issues.jboss.org/browse/AS7-5177
I have started working on it, but am not done yet..

--
tomaz

On Fri, Jul 27, 2012 at 8:02 PM, Wolf-Dieter Fink <wfink@redhat.com> wrote:
Hi,

I try to add this to the standalone.xml via CLI:

       <subsystem xmlns="urn:jboss:domain:security:1.2">
            <security-domains>
                 ....
                 <security-domain name="lbank" cache-type="default">
                    <authentication>
                        <login-module code="UsersRoles" flag="required">
                            <module-option name="usersProperties" value="${jboss.server.config.dir}/lbank-users.properties"/>
                            <module-option name="rolesProperties" value="${jboss.server.config.dir}/lbank-roles.properties"/>
                            <module-option name="password-stacking" value="useFirstPass"/>
                        </login-module>
                    </authentication>
                </security-domain>



If I add it to XML the CLI will show:
[standalone@localhost:9999 /] /subsystem=security/security-domain=lbank:read-resource(recursive=true)
{
    "outcome" => "success",
    "result" => {
        "acl" => undefined,
        "audit" => undefined,
        "authorization" => undefined,
        "cache-type" => "default",
        "identity-trust" => undefined,
        "jsse" => undefined,
        "mapping" => undefined,
        "authentication" => {"classic" => {"login-modules" => [{
            "code" => "UsersRoles",
            "flag" => "required",
            "module-options" => [
                ("usersProperties" => expression "${jboss.server.config.dir}/lbank-users.properties"),
                ("rolesProperties" => expression "${jboss.server.config.dir}/lbank-roles.properties"),
                ("password-stacking" => "useFirstPass")
            ]
        }]}}
    }
}
[standalone@localhost:9999 /] /subsystem=security/security-domain=lbank/authentication=classic:read-attribute(name=login-modules)
{
    "outcome" => "success",
    "result" => [{
        "code" => "UsersRoles",
        "flag" => "required",
        "module-options" => [
            ("usersProperties" => expression "${jboss.server.config.dir}/lbank-users.properties"),
            ("rolesProperties" => expression "${jboss.server.config.dir}/lbank-roles.properties"),
            ("password-stacking" => "useFirstPass")
        ]
    }]
}


#simple is
/subsystem=security/security-domain=lbank:add(cache-type=default)

but how to know that "classic" must used?
    /subsystem=security/security-domain=lbank/authentication=
tab completition will not help, only if I type =classic: the tab completition will show commands otherwise not

I suppose that this should be correct, but it shows an error:
EAP6
[standalone@localhost:9999 /] /subsystem=security/security-domain=lbank/authentication=classic:write-attribute(name=login-modules,value=[{code=UsersRoles,flag=required}])
{
    "outcome" => "failed",
    "failure-description" => "JBAS014688: Wrong type for value. Expected [LIST] but was STRING",
    "rolled-back" => true
}

AS7.2 (upstream)
[standalone@localhost:9999 /] /subsystem=security/security-domain=lbank/authentication=classic:write-attribute(name=login-modules,value=[{code=UsersRoles,flag=required}])
{
    "outcome" => "failed",
    "failure-description" => "JBAS014807: Management resource '[
    (\"subsystem\" => \"security\"),
    (\"security-domain\" => \"lbank\"),
    (\"authentication\" => \"classic\")
]' not found",
    "rolled-back" => true
}



Next difficulty is to add the module-options with expressions.

Any guiding or help?

Wolf



BTW the CLI tab completition crash:
/subsystem=security/security-domain=lbankx/authentication=(
java.lang.IllegalArgumentException: The argument value is not specified for name: 'null'
    at org.jboss.as.cli.operation.impl.DefaultOperationRequestBuilder.addProperty(DefaultOperationRequestBuilder.java:113)
    at org.jboss.as.cli.operation.impl.DefaultOperationCandidatesProvider.getProperties(DefaultOperationCandidatesProvider.java:208)
    at org.jboss.as.cli.operation.impl.DefaultOperationCandidatesProvider.getProperties(DefaultOperationCandidatesProvider.java:51)
    at org.jboss.as.cli.operation.OperationRequestCompleter.complete(OperationRequestCompleter.java:142)
    at org.jboss.as.cli.CommandCompleter.complete(CommandCompleter.java:93)
    at org.jboss.as.cli.impl.Console$Factory$1$1.complete(Console.java:96)
    at org.jboss.jreadline.console.Console.complete(Console.java:809)
    at org.jboss.jreadline.console.Console.read(Console.java:383)
    at org.jboss.jreadline.console.Console.read(Console.java:221)
    at org.jboss.as.cli.impl.Console$Factory$1.readLine(Console.java:166)
    at org.jboss.as.cli.impl.CommandContextImpl.interact(CommandContextImpl.java:1129)
    at org.jboss.as.cli.impl.CliLauncher.main(CliLauncher.java:243)
    at org.jboss.as.cli.CommandLineMain.main(CommandLineMain.java:34)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:616)
    at org.jboss.modules.Module.run(Module.java:270)
    at org.jboss.modules.Main.main(Main.java:294)


_______________________________________________
jboss-as7-dev mailing list
jboss-as7-dev@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/jboss-as7-dev