[jboss-as7-dev] 7.1.0. Beta Bug on CLI Authentication ?

Darran Lofthouse darran.lofthouse at jboss.com
Wed Nov 23 09:25:18 EST 2011 

And here it is ;-)

http://community.jboss.org/docs/DOC-17367

On 11/23/2011 02:03 PM, Jaikiran Pai wrote:
> As Darran mentioned, it is _intentional_ not to prompt for user/pass for
> the CLI from the local instance where the server is installed. The finer
> details of how that's done and why that's done will be explained in the
> document that Darran is working on.
>
> -Jaikiran
> On Wednesday 23 November 2011 07:25 PM, Francesco Marchioni wrote:
>> Hi all,
>> so far I have tested the following options:
>>> I don’t think so (although I haven’t tried it). This is because your
>> mgmt-user.properties file has no>users listed.
>> No, even after adding an user (with the add-user.cmd command) still no
>> authentication required by CLI
>>
>>>>>> @Wondering if that works for the console as well?
>> Yes the http console issues a BASIC authentication popup.
>>
>>>>>> AFAIK the CLI checks if you are on localhost. In that case the
>> authentication is not
>>>>>> required.
>> I've checked binding server and management interface to another IP
>> address available on my card and still no authentication requested by CLI
>>
>> The only test I'm missing at the moment is connecting to a remote AS
>> instance.
>>
>> Regards
>> Francesco
>>
>> 2011/11/23 Dimitris Andreadis<dandread at redhat.com
>> <mailto:dandread at redhat.com>>
>>
>>      For a once-off, that makes more sense.
>>
>>      On 23/11/2011 14:47, Darran Lofthouse wrote:
>>      >  On 11/23/2011 12:40 PM, Dimitris Andreadis wrote:
>>      >>  Starting the console from a script is not really an option, IMO.
>>      >
>>      >  In general no - there is no plan to drop direct access using a
>>      URL and no plan to drop
>>      >  existing HTTP authentication.
>>      >
>>      >  The starting from a script idea is more for the scenario of how
>>      do we connect to a secured
>>      >  system and authenticate so we can add a user to that system when
>>      there are no users
>>      >  currently defined on that system.
>>      >
>>      >>  On 23/11/2011 14:17, Darran Lofthouse wrote:
>>      >>>  On 11/23/2011 12:10 PM, Heiko Braun wrote:
>>      >>>>
>>      >>>>
>>      >>>>  AFAIK the CLI checks if you are on localhost. In that case
>>      the authentication is not
>>      >>>>  required.
>>      >>>
>>      >>>  That is correct, I am just writing an article to send round
>>      with the
>>      >>>  details.
>>      >>>
>>      >>>  The CLI will have authenticated against the server but as you
>>      are local
>>      >>>  to the server it will have used a silent authentication mechanism.
>>      >>>
>>      >>>>  @Wondering if that works for the console as well?
>>      >>>
>>      >>>  Unfortunately no the console has a different set of issues as
>>      the web
>>      >>>  browser doesn't have access to the filesystem, I am
>>      considering if we
>>      >>>  can start the console from a script to pass some form of token
>>      but at
>>      >>>  the moment the console does retain the need for a username and
>>      password.
>>      >>>
>>      >>>>  Ike
>>      >>>>
>>      >>>>  On Nov 23, 2011, at 1:03 PM, Francesco Marchioni wrote:
>>      >>>>
>>      >>>>>  Hi all !
>>      >>>>>  In the release notes it's mentioned that management
>>      interfaces will be secured by
>>      >>>>>  default, however in the very first test I did, no
>>      authentication was asked. (Although
>>      >>>>>  in the configuration there is a ManagementRealm associated
>>      with the management
>>      >>>>>  interfaces).
>>      >>>>>  Have I hit a bug ?
>>      >>>>>  Regards
>>      >>>>>  Francesco
>>      >>>>>
>>      >>>>>  _______________________________________________
>>      >>>>>  jboss-as7-dev mailing list
>>      >>>>>  jboss-as7-dev at lists.jboss.org
>>      <mailto:jboss-as7-dev at lists.jboss.org>
>>      >>>>>  https://lists.jboss.org/mailman/listinfo/jboss-as7-dev
>>      >>>>
>>      >>>>
>>      >>>>  _______________________________________________
>>      >>>>  jboss-as7-dev mailing list
>>      >>>>  jboss-as7-dev at lists.jboss.org
>>      <mailto:jboss-as7-dev at lists.jboss.org>
>>      >>>>  https://lists.jboss.org/mailman/listinfo/jboss-as7-dev
>>      >>>  _______________________________________________
>>      >>>  jboss-as7-dev mailing list
>>      >>>  jboss-as7-dev at lists.jboss.org
>>      <mailto:jboss-as7-dev at lists.jboss.org>
>>      >>>  https://lists.jboss.org/mailman/listinfo/jboss-as7-dev
>>      >>
>>
>>      --
>>      xxxxxxxxxxxxxxxxxxxxxxxxxxxx
>>      Dimitris Andreadis
>>      Software Engineering Manager
>>      JBoss Application Server
>>      by Red Hat
>>      xxxxxxxxxxxxxxxxxxxxxxxxxxxx
>>
>>      http://dandreadis.blogspot.com/
>>      _______________________________________________
>>      jboss-as7-dev mailing list
>>      jboss-as7-dev at lists.jboss.org<mailto:jboss-as7-dev at lists.jboss.org>
>>      https://lists.jboss.org/mailman/listinfo/jboss-as7-dev
>>
>>
>>
>>
>> _______________________________________________
>> jboss-as7-dev mailing list
>> jboss-as7-dev at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/jboss-as7-dev
>
> _______________________________________________
> jboss-as7-dev mailing list
> jboss-as7-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/jboss-as7-dev

More information about the jboss-as7-dev mailing list