Did it. Correct, from a remote AS instance CLI authentication is prompted.

2011/11/23 Darran Lofthouse <darran.lofthouse@jboss.com>
On 11/23/2011 01:55 PM, Francesco Marchioni wrote:
Hi all,
so far I have tested the following options:
I don’t think so (although I haven’t tried it). This is because your
mgmt-user.properties file has no >users listed.
No, even after adding an user (with the add-user.cmd command) still no
authentication required by CLI

That is expected if you are local you already have access to the server configuration so a connection can be negotiated without requiring a username and password.


 >>>> @Wondering if that works for the console as well?
Yes the http console issues a BASIC authentication popup.

The popup is actually a DIGEST popup


 >>>> AFAIK the CLI checks if you are on localhost. In that case the
authentication is not
 >>>> required.
I've checked binding server and management interface to another IP
address available on my card and still no authentication requested by CLI

The CLI will detect that the address is not really remote.


The only test I'm missing at the moment is connecting to a remote AS
instance.

Yes that is the test you are missing.


Regards
Francesco

2011/11/23 Dimitris Andreadis <dandread@redhat.com
<mailto:dandread@redhat.com>>


   For a once-off, that makes more sense.

   On 23/11/2011 14:47, Darran Lofthouse wrote:
    > On 11/23/2011 12:40 PM, Dimitris Andreadis wrote:
    >> Starting the console from a script is not really an option, IMO.
    >
    > In general no - there is no plan to drop direct access using a
   URL and no plan to drop
    > existing HTTP authentication.
    >
    > The starting from a script idea is more for the scenario of how
   do we connect to a secured
    > system and authenticate so we can add a user to that system when
   there are no users
    > currently defined on that system.
    >
    >> On 23/11/2011 14:17, Darran Lofthouse wrote:
    >>> On 11/23/2011 12:10 PM, Heiko Braun wrote:
    >>>>
    >>>>
    >>>> AFAIK the CLI checks if you are on localhost. In that case the
   authentication is not
    >>>> required.
    >>>
    >>> That is correct, I am just writing an article to send round
   with the
    >>> details.
    >>>
    >>> The CLI will have authenticated against the server but as you
   are local
    >>> to the server it will have used a silent authentication mechanism.
    >>>
    >>>> @Wondering if that works for the console as well?
    >>>
    >>> Unfortunately no the console has a different set of issues as
   the web
    >>> browser doesn't have access to the filesystem, I am considering
   if we
    >>> can start the console from a script to pass some form of token
   but at
    >>> the moment the console does retain the need for a username and
   password.
    >>>
    >>>> Ike
    >>>>
    >>>> On Nov 23, 2011, at 1:03 PM, Francesco Marchioni wrote:
    >>>>
    >>>>> Hi all !
    >>>>> In the release notes it's mentioned that management
   interfaces will be secured by
    >>>>> default, however in the very first test I did, no
   authentication was asked. (Although
    >>>>> in the configuration there is a ManagementRealm associated
   with the management
    >>>>> interfaces).
    >>>>> Have I hit a bug ?
    >>>>> Regards
    >>>>> Francesco
    >>>>>
    >>>>> _______________________________________________
    >>>>> jboss-as7-dev mailing list
    >>>>> jboss-as7-dev@lists.jboss.org
   <mailto:jboss-as7-dev@lists.jboss.org>

    >>>>> https://lists.jboss.org/mailman/listinfo/jboss-as7-dev
    >>>>
    >>>>
    >>>> _______________________________________________
    >>>> jboss-as7-dev mailing list
    >>>> jboss-as7-dev@lists.jboss.org
   <mailto:jboss-as7-dev@lists.jboss.org>

    >>>> https://lists.jboss.org/mailman/listinfo/jboss-as7-dev
    >>> _______________________________________________
    >>> jboss-as7-dev mailing list
    >>> jboss-as7-dev@lists.jboss.org
   <mailto:jboss-as7-dev@lists.jboss.org>

    >>> https://lists.jboss.org/mailman/listinfo/jboss-as7-dev
    >>

   --
   xxxxxxxxxxxxxxxxxxxxxxxxxxxx
   Dimitris Andreadis
   Software Engineering Manager
   JBoss Application Server
   by Red Hat
   xxxxxxxxxxxxxxxxxxxxxxxxxxxx

   http://dandreadis.blogspot.com/
   _______________________________________________
   jboss-as7-dev mailing list
   jboss-as7-dev@lists.jboss.org <mailto:jboss-as7-dev@lists.jboss.org>
   https://lists.jboss.org/mailman/listinfo/jboss-as7-dev