JBoss Community

Access control notes

New comment by Brian Stansberry

Anil Saldhana wrote:

Heiko Braun wrote:

Talking to Darran: it seems the security subsystem is only used for application level security and clearly separated from the administrative security. Can somebody confirm this?

Ideally it should be the location of all security configuration. I do encourage moving the configuration to the security subsystem.

For a standalone server, the security-subsystem leaks out to management security via this:

https://github.com/wildfly/wildfly/blob/master/build/src/main/resources/docs/schema/jboss-as-config_2_0.xsd#L513

Basically, the management security realm can delegate to a JAAS security domain configured in the subsystem.

To consolidate all security configuration in the security "subsystem" requires adding some sort of extension/subsystem notion to the Host Controller. But that's too big a change to make for EAP 6.2.
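
An added example, not part of the original comment or the WildFly code base: a small Python audit that lists which management security realms delegate authentication to a JAAS security domain, and whether that domain is actually defined in the security subsystem. The configuration fragment, the realm and domain names, and the namespace versions are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed standalone.xml fragment (assumption, not taken from the thread).
SAMPLE = """\
<server xmlns="urn:jboss:domain:2.0">
  <management>
    <security-realms>
      <security-realm name="ManagementRealm">
        <authentication><jaas name="mgmt-domain"/></authentication>
      </security-realm>
      <security-realm name="ApplicationRealm">
        <authentication><properties path="application-users.properties"/></authentication>
      </security-realm>
      <security-realm name="BrokenRealm">
        <authentication><jaas name="missing-domain"/></authentication>
      </security-realm>
    </security-realms>
  </management>
  <profile>
    <subsystem xmlns="urn:jboss:domain:security:1.2">
      <security-domains>
        <security-domain name="mgmt-domain"/>
        <security-domain name="other"/>
      </security-domains>
    </subsystem>
  </profile>
</server>
"""

def local(tag):
    """Strip the XML namespace so the check does not depend on schema version."""
    return tag.rsplit("}", 1)[-1]

def jaas_delegations(xml_text):
    """Return [(realm, domain, domain_defined)] for realms that use <jaas>."""
    root = ET.fromstring(xml_text)
    # Security domains declared inside the security subsystem only.
    domains = {d.get("name")
               for s in root.iter() if s.tag.startswith("{urn:jboss:domain:security:")
               for d in s.iter() if local(d.tag) == "security-domain"}
    found = []
    for realm in (e for e in root.iter() if local(e.tag) == "security-realm"):
        for child in realm.iter():
            if local(child.tag) == "jaas":
                name = child.get("name")
                found.append((realm.get("name"), name, name in domains))
    return found

if __name__ == "__main__":
    for realm, domain, ok in jaas_delegations(SAMPLE):
        print(f"{realm} -> {domain}: {'defined' if ok else 'NOT defined in security subsystem'}")
```

Each realm reported here is a point where management authentication depends on the security subsystem's configuration, so changes to that security domain should be reviewed as changes to administrative access.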