[ https://issues.jboss.org/browse/WFLY-8937?page=com.atlassian.jira.plugin.... ]
Hynek Švábek updated WFLY-8937:
-------------------------------
Steps to Reproduce:
* Copy the cs001.jceks keystore from the attachment to the JBOSS_HOME/standalone/data location, or update the path in the attached standalone.xml.
* Run the EAP server with the attached standalone.xml configuration file.
* There are three users defined: one uses a password and the others use a credential store (clear-text password and store + alias).
** Go to http://localhost:9990/console/App.html and use pepa/pepa123 credentials - it works (uses password attribute)
** Go to http://localhost:9990/console/App.html and use hynek/hynek123 credentials - it doesn't work (uses credential-reference and store + alias)
** Go to http://localhost:9990/console/App.html and use ondra/ondra123 credentials - it doesn't work (uses credential-reference and clear-text password)
* You can create your own credential store like this:
{code}
/subsystem=elytron/credential-store=cs002:add(create=true, location=cs002.jceks, relative-to="jboss.server.data.dir", credential-reference={clear-text=pass123})
{code}
* You can add a new alias to the credential store like this:
{code}
/subsystem=elytron/credential-store=cs002:add-alias(alias=newuseralias, secret-value=newuser123)
{code}
* and then add a new authentication user for management like this:
{code}
/core-service=management/security-realm=ManagementRealm/authentication=users/user=newuser:add(credential-reference={store=cs002, alias=newuseralias})
{code}
Then you can try to log in to the management console:
http://localhost:9990/console/App.html
newuser/newuser123
was:
* Copy the cs001.jceks keystore from the attachment to the JBOSS_HOME/standalone/data location, or update the path in the attached standalone.xml.
* Run the EAP server with the attached standalone.xml configuration file.
* There are three users defined: one uses a password and the others use a credential store (clear-text password and store + alias).
** Go to http://localhost:9990/console/App.html and use pepa/pepa123 credentials - it works (uses password attribute)
** Go to http://localhost:9990/console/App.html and use hynek/hynek123 credentials - it doesn't work (uses credential-reference and store + alias)
** Go to http://localhost:9990/console/App.html and use ondra/ondra123 credentials - it doesn't work (uses credential-reference and clear-text password)
* You can add a new alias to the credential store like this:
{code}
/subsystem=elytron/credential-store=cs001:add-alias(alias=newuseralias, secret-value=newuser123)
{code}
* and then add a new authentication user for management like this:
{code}
/core-service=management/security-realm=ManagementRealm/authentication=users/user=newuser:add(credential-reference={store=cs001, alias=newuseralias})
{code}
Then you can try to log in to the management console:
http://localhost:9990/console/App.html
newuser/newuser123
Management/security-realm/authentication/users integration with credential reference is not correct.
----------------------------------------------------------------------------------------------------
Key: WFLY-8937
URL: https://issues.jboss.org/browse/WFLY-8937
Project: WildFly
Issue Type: Bug
Components: Security
Reporter: Hynek Švábek
Assignee: Darran Lofthouse
Priority: Blocker
Management/security-realm/authentication/users integration with credential reference is not correct.
When a user sets authentication/users instead of authentication/properties and adds a user there who has a credential-reference defined, then he is not able to log in to the management console.
It must work; please check the *Steps to Reproduce* section.