From some discussions today it has become apparent that we may need to
receive requests over the management APIs on hosts not currently
connected to a domain controller. The hosts may not be connected either
because the domain controller has gone or because they are a new host
not currently connected to a domain controller.
From the perspective of securing the management APIs, could it be
reasonable to consider this a special case and maybe approach it with a
host-specific user account defined that, if used to connect to the host,
will only allow verification of the domain controller connection and
modification of the domain controller connection?
Anything beyond that would require a domain controller connection so
that the full configuration for management API security can be pulled
from the domain controller.
Regards,
Darran Lofthouse.