[
https://issues.jboss.org/browse/AS7-5180?page=com.atlassian.jira.plugin.s...
]
Darran Lofthouse resolved AS7-5180.
-----------------------------------
Assignee: Darran Lofthouse (was: Heiko Braun)
Fix Version/s: 7.2.0.Alpha1
Resolution: Rejected
You should be using the standard JAAS configuration to specify the login module settings -
if that is not working then raise an issue based on that.
Linking to subsystem defined configuration is not and will not be supported.
jaas tag for management interface does not work in domain mode
--------------------------------------------------------------
Key: AS7-5180
URL:
https://issues.jboss.org/browse/AS7-5180
Project: Application Server 7
Issue Type: Bug
Components: Console, Security
Affects Versions: 7.1.2.Final (EAP)
Reporter: Hisanobu Okuda
Assignee: Darran Lofthouse
Labels: eap6
Fix For: 7.2.0.Alpha1
I configured <jaas> for management interface in host.xml of domain mode as
follow:-
{code:xml}
<security-realm name="ldap_security_realm">
<authentication>
<jaas name="managementLDAPDomain"/>
</authentication>
</security-realm>
</security-realms>
<management-interfaces>
<native-interface security-realm="ManagementRealm">
<socket interface="management"
port="${jboss.management.native.port:9999}"/>
</native-interface>
<http-interface security-realm="ManagementRealm">
<socket interface="management"
port="${jboss.management.http.port:9990}"/>
</http-interface>
</management-interfaces>
</management>
{code}
And added security-domain in domain.xml as follow:-
{code:xml}
<subsystem xmlns="urn:jboss:domain:security:1.1">
<security-domains>
<security-domain name="managementLDAPDomain">
<authentication>
<login-module
code="org.jboss.security.auth.spi.LdapExtLoginModule"
flag="required">
<module-option name="java.naming.factory.initial"
value="com.sun.jndi.ldap.LdapCtxFactory"/>
<module-option name="java.naming.provider.url"
value="ldap://dhcp-107.winlab.fab.redhat.com:389"/>
<module-option name="java.naming.security.authentication"
value="simple"/>
<module-option name="bindDN"
value="cn=Administrator,cn=users,DC=domain1,DC=winlab,DC=fab,DC=redhat,DC=com"/>
...
{code}
But, an authentication failed and I got a message "The web console could not be
loaded. Authentication required." in the console. It seems that host.xml need to have
security-domain section similar to standalone.xml. "-jaas" of JVM option does
not work as well.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see:
http://www.atlassian.com/software/jira