]
Darran Lofthouse commented on AS7-5180:
---------------------------------------
Ah I understand now - in that case I think you are experiencing a different bug already
fixed for 7.1.3
jaas tag for management interface does not work in domain mode
--------------------------------------------------------------
Key: AS7-5180
URL:
https://issues.jboss.org/browse/AS7-5180
Project: Application Server 7
Issue Type: Bug
Components: Console, Security
Affects Versions: 7.1.2.Final (EAP)
Reporter: Hisanobu Okuda
Assignee: Darran Lofthouse
Labels: eap6
Fix For: 7.2.0.Alpha1
I configured <jaas> for management interface in host.xml of domain mode as
follow:-
{code:xml}
<security-realm name="ldap_security_realm">
<authentication>
<jaas name="managementLDAPDomain"/>
</authentication>
</security-realm>
</security-realms>
<management-interfaces>
<native-interface security-realm="ManagementRealm">
<socket interface="management"
port="${jboss.management.native.port:9999}"/>
</native-interface>
<http-interface security-realm="ManagementRealm">
<socket interface="management"
port="${jboss.management.http.port:9990}"/>
</http-interface>
</management-interfaces>
</management>
{code}
And added security-domain in domain.xml as follow:-
{code:xml}
<subsystem xmlns="urn:jboss:domain:security:1.1">
<security-domains>
<security-domain name="managementLDAPDomain">
<authentication>
<login-module
code="org.jboss.security.auth.spi.LdapExtLoginModule"
flag="required">
<module-option name="java.naming.factory.initial"
value="com.sun.jndi.ldap.LdapCtxFactory"/>
<module-option name="java.naming.provider.url"
value="ldap://dhcp-107.winlab.fab.redhat.com:389"/>
<module-option name="java.naming.security.authentication"
value="simple"/>
<module-option name="bindDN"
value="cn=Administrator,cn=users,DC=domain1,DC=winlab,DC=fab,DC=redhat,DC=com"/>
...
{code}
But, an authentication failed and I got a message "The web console could not be
loaded. Authentication required." in the console. It seems that host.xml need to have
security-domain section similar to standalone.xml. "-jaas" of JVM option does
not work as well.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: