[jboss-as7-dev] Use of CLI to add security-domain
Tomaž Cerar
tomaz.cerar at gmail.com
Sat Jul 28 16:54:51 EDT 2012
Wolf,
module-options do not support expressions yet, there is an issue open to
add support for it: https://issues.jboss.org/browse/AS7-5177
I have started working on it, but am not done yet..
--
tomaz
On Fri, Jul 27, 2012 at 8:02 PM, Wolf-Dieter Fink <wfink at redhat.com> wrote:
> Hi,
>
> I try to add this to the standalone.xml via CLI:
>
> <subsystem xmlns="urn:jboss:domain:security:1.2">
> <security-domains>
> ....
> <security-domain name="lbank" cache-type="default">
> <authentication>
> <login-module code="UsersRoles" flag="required">
> <module-option name="usersProperties"
> value="${jboss.server.config.dir}/lbank-users.properties"/>
> <module-option name="rolesProperties"
> value="${jboss.server.config.dir}/lbank-roles.properties"/>
> <module-option name="password-stacking"
> value="useFirstPass"/>
> </login-module>
> </authentication>
> </security-domain>
>
>
> If I add it to XML the CLI will show:
> *[standalone at localhost:9999 /]
> /subsystem=security/security-domain=lbank:read-resource(recursive=true)
> {
> "outcome" => "success",
> "result" => {
> "acl" => undefined,
> "audit" => undefined,
> "authorization" => undefined,
> "cache-type" => "default",
> "identity-trust" => undefined,
> "jsse" => undefined,
> "mapping" => undefined,
> "authentication" => {"classic" => {"login-modules" => [{
> "code" => "UsersRoles",
> "flag" => "required",
> "module-options" => [
> ("usersProperties" => expression
> "${jboss.server.config.dir}/lbank-users.properties"),
> ("rolesProperties" => expression
> "${jboss.server.config.dir}/lbank-roles.properties"),
> ("password-stacking" => "useFirstPass")
> ]
> }]}}
> }
> }
> [standalone at localhost:9999 /]
> /subsystem=security/security-domain=lbank/authentication=classic:read-attribute(name=login-modules)
> {
> "outcome" => "success",
> "result" => [{
> "code" => "UsersRoles",
> "flag" => "required",
> "module-options" => [
> ("usersProperties" => expression
> "${jboss.server.config.dir}/lbank-users.properties"),
> ("rolesProperties" => expression
> "${jboss.server.config.dir}/lbank-roles.properties"),
> ("password-stacking" => "useFirstPass")
> ]
> }]
> }
> *
>
> #simple is
> */subsystem=security/security-domain=lbank:add(cache-type=default)*
>
> but how to know that "classic" must used?
> * /subsystem=security/security-domain=lbank/authentication=*
> tab completition will not help, only if I type =classic: the tab
> completition will show commands otherwise not
>
> I suppose that this should be correct, but it shows an error:
> EAP6
> *[standalone at localhost:9999 /]
> /subsystem=security/security-domain=lbank/authentication=classic:write-attribute(name=login-modules,value=[{code=UsersRoles,flag=required}])
> {
> "outcome" => "failed",
> "failure-description" => "JBAS014688: Wrong type for value. Expected
> [LIST] but was STRING",
> "rolled-back" => true
> }
> *
> AS7.2 (upstream)
> *[standalone at localhost:9999 /]
> /subsystem=security/security-domain=lbank/authentication=classic:write-attribute(name=login-modules,value=[{code=UsersRoles,flag=required}])
> {
> "outcome" => "failed",
> "failure-description" => "JBAS014807: Management resource '[
> (\"subsystem\" => \"security\"),
> (\"security-domain\" => \"lbank2\"),
> (\"authentication\" => \"classic\")
> ]' not found",
> "rolled-back" => true
> }*
>
>
> Next difficulty is to add the module-options with expressions.
>
> Any guiding or help?
>
> Wolf
>
>
>
> BTW the CLI tab completition crash:
> */subsystem=security/security-domain=lbankx/authentication=(
> java.lang.IllegalArgumentException: The argument value is not specified
> for name: 'null'
> at
> org.jboss.as.cli.operation.impl.DefaultOperationRequestBuilder.addProperty(DefaultOperationRequestBuilder.java:113)
> at
> org.jboss.as.cli.operation.impl.DefaultOperationCandidatesProvider.getProperties(DefaultOperationCandidatesProvider.java:208)
> at
> org.jboss.as.cli.operation.impl.DefaultOperationCandidatesProvider.getProperties(DefaultOperationCandidatesProvider.java:51)
> at
> org.jboss.as.cli.operation.OperationRequestCompleter.complete(OperationRequestCompleter.java:142)
> at org.jboss.as.cli.CommandCompleter.complete(CommandCompleter.java:93)
> at org.jboss.as.cli.impl.Console$Factory$1$1.complete(Console.java:96)
> at org.jboss.jreadline.console.Console.complete(Console.java:809)
> at org.jboss.jreadline.console.Console.read(Console.java:383)
> at org.jboss.jreadline.console.Console.read(Console.java:221)
> at org.jboss.as.cli.impl.Console$Factory$1.readLine(Console.java:166)
> at
> org.jboss.as.cli.impl.CommandContextImpl.interact(CommandContextImpl.java:1129)
> at org.jboss.as.cli.impl.CliLauncher.main(CliLauncher.java:243)
> at org.jboss.as.cli.CommandLineMain.main(CommandLineMain.java:34)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:616)
> at org.jboss.modules.Module.run(Module.java:270)
> at org.jboss.modules.Main.main(Main.java:294)
> *
>
> _______________________________________________
> jboss-as7-dev mailing list
> jboss-as7-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/jboss-as7-dev
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/jboss-as7-dev/attachments/20120728/8f1cc3b7/attachment.html
More information about the jboss-as7-dev
mailing list