[
https://issues.jboss.org/browse/AS7-5180?page=com.atlassian.jira.plugin.s...
]
Darran Lofthouse commented on AS7-5180:
---------------------------------------
Yes this is not possible as as the security domain defined in the domain.xml is not
available within the host controller process.
jaas tag for management interface does not work in domain mode
--------------------------------------------------------------
Key: AS7-5180
URL:
https://issues.jboss.org/browse/AS7-5180
Project: Application Server 7
Issue Type: Bug
Components: Console, Security
Affects Versions: 7.1.2.Final (EAP)
Reporter: Hisanobu Okuda
Assignee: Darran Lofthouse
Labels: eap6
Fix For: 7.2.0.Alpha1
I configured <jaas> for management interface in host.xml of domain mode as
follow:-
{code:xml}
<security-realm name="ldap_security_realm">
<authentication>
<jaas name="managementLDAPDomain"/>
</authentication>
</security-realm>
</security-realms>
<management-interfaces>
<native-interface security-realm="ManagementRealm">
<socket interface="management"
port="${jboss.management.native.port:9999}"/>
</native-interface>
<http-interface security-realm="ManagementRealm">
<socket interface="management"
port="${jboss.management.http.port:9990}"/>
</http-interface>
</management-interfaces>
</management>
{code}
And added security-domain in domain.xml as follow:-
{code:xml}
<subsystem xmlns="urn:jboss:domain:security:1.1">
<security-domains>
<security-domain name="managementLDAPDomain">
<authentication>
<login-module
code="org.jboss.security.auth.spi.LdapExtLoginModule"
flag="required">
<module-option name="java.naming.factory.initial"
value="com.sun.jndi.ldap.LdapCtxFactory"/>
<module-option name="java.naming.provider.url"
value="ldap://dhcp-107.winlab.fab.redhat.com:389"/>
<module-option name="java.naming.security.authentication"
value="simple"/>
<module-option name="bindDN"
value="cn=Administrator,cn=users,DC=domain1,DC=winlab,DC=fab,DC=redhat,DC=com"/>
...
{code}
But, an authentication failed and I got a message "The web console could not be
loaded. Authentication required." in the console. It seems that host.xml need to have
security-domain section similar to standalone.xml. "-jaas" of JVM option does
not work as well.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see:
http://www.atlassian.com/software/jira