[jboss-as7-dev] 7.1.0. Beta Bug on CLI Authentication ?
Jaikiran Pai
jpai at redhat.com
Wed Nov 23 09:03:18 EST 2011
As Darran mentioned, it is _intentional_ not to prompt for user/pass for
the CLI from the local instance where the server is installed. The finer
details of how that's done and why that's done will be explained in the
document that Darran is working on.
-Jaikiran
On Wednesday 23 November 2011 07:25 PM, Francesco Marchioni wrote:
> Hi all,
> so far I have tested the following options:
> >I don’t think so (although I haven’t tried it). This is because your
> mgmt-user.properties file has no >users listed.
> No, even after adding an user (with the add-user.cmd command) still no
> authentication required by CLI
>
> >>>> @Wondering if that works for the console as well?
> Yes the http console issues a BASIC authentication popup.
>
> >>>> AFAIK the CLI checks if you are on localhost. In that case the
> authentication is not
> >>>> required.
> I've checked binding server and management interface to another IP
> address available on my card and still no authentication requested by CLI
>
> The only test I'm missing at the moment is connecting to a remote AS
> instance.
>
> Regards
> Francesco
>
> 2011/11/23 Dimitris Andreadis <dandread at redhat.com
> <mailto:dandread at redhat.com>>
>
> For a once-off, that makes more sense.
>
> On 23/11/2011 14:47, Darran Lofthouse wrote:
> > On 11/23/2011 12:40 PM, Dimitris Andreadis wrote:
> >> Starting the console from a script is not really an option, IMO.
> >
> > In general no - there is no plan to drop direct access using a
> URL and no plan to drop
> > existing HTTP authentication.
> >
> > The starting from a script idea is more for the scenario of how
> do we connect to a secured
> > system and authenticate so we can add a user to that system when
> there are no users
> > currently defined on that system.
> >
> >> On 23/11/2011 14:17, Darran Lofthouse wrote:
> >>> On 11/23/2011 12:10 PM, Heiko Braun wrote:
> >>>>
> >>>>
> >>>> AFAIK the CLI checks if you are on localhost. In that case
> the authentication is not
> >>>> required.
> >>>
> >>> That is correct, I am just writing an article to send round
> with the
> >>> details.
> >>>
> >>> The CLI will have authenticated against the server but as you
> are local
> >>> to the server it will have used a silent authentication mechanism.
> >>>
> >>>> @Wondering if that works for the console as well?
> >>>
> >>> Unfortunately no the console has a different set of issues as
> the web
> >>> browser doesn't have access to the filesystem, I am
> considering if we
> >>> can start the console from a script to pass some form of token
> but at
> >>> the moment the console does retain the need for a username and
> password.
> >>>
> >>>> Ike
> >>>>
> >>>> On Nov 23, 2011, at 1:03 PM, Francesco Marchioni wrote:
> >>>>
> >>>>> Hi all !
> >>>>> In the release notes it's mentioned that management
> interfaces will be secured by
> >>>>> default, however in the very first test I did, no
> authentication was asked. (Although
> >>>>> in the configuration there is a ManagementRealm associated
> with the management
> >>>>> interfaces).
> >>>>> Have I hit a bug ?
> >>>>> Regards
> >>>>> Francesco
> >>>>>
> >>>>> _______________________________________________
> >>>>> jboss-as7-dev mailing list
> >>>>> jboss-as7-dev at lists.jboss.org
> <mailto:jboss-as7-dev at lists.jboss.org>
> >>>>> https://lists.jboss.org/mailman/listinfo/jboss-as7-dev
> >>>>
> >>>>
> >>>> _______________________________________________
> >>>> jboss-as7-dev mailing list
> >>>> jboss-as7-dev at lists.jboss.org
> <mailto:jboss-as7-dev at lists.jboss.org>
> >>>> https://lists.jboss.org/mailman/listinfo/jboss-as7-dev
> >>> _______________________________________________
> >>> jboss-as7-dev mailing list
> >>> jboss-as7-dev at lists.jboss.org
> <mailto:jboss-as7-dev at lists.jboss.org>
> >>> https://lists.jboss.org/mailman/listinfo/jboss-as7-dev
> >>
>
> --
> xxxxxxxxxxxxxxxxxxxxxxxxxxxx
> Dimitris Andreadis
> Software Engineering Manager
> JBoss Application Server
> by Red Hat
> xxxxxxxxxxxxxxxxxxxxxxxxxxxx
>
> http://dandreadis.blogspot.com/
> _______________________________________________
> jboss-as7-dev mailing list
> jboss-as7-dev at lists.jboss.org <mailto:jboss-as7-dev at lists.jboss.org>
> https://lists.jboss.org/mailman/listinfo/jboss-as7-dev
>
>
>
>
> _______________________________________________
> jboss-as7-dev mailing list
> jboss-as7-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/jboss-as7-dev
More information about the jboss-as7-dev
mailing list