[jboss-as7-dev] CLI command adding a security-domain does not work for me

Emanuel Muckenhuber emuckenh at redhat.com
Fri Mar 16 07:05:23 EDT 2012 

Hmm, looks like the example is out-of-date. I think you would need to do 
something like the following to add that using the CLI:

# batch
# /subsystem=security/security-domain=JBTravel:add
# 
/subsystem=security/security-domain=JBTravel/authentication=classic:add(login-modules=[{"code"=>"Database","flag"=>"required","module-options"=>[("dsJndiName"=>"java:jboss/ 
JBTravelDatasource"),("principalsQuery"=>"select password from 
JTRAVEL.USER where username=?"),("rolesQuery"=>"select null,'Roles' from 
JTRAVEL.USER where username=?")]}])
# run-batch

Although this is for standalone... so you would need to change that for 
the domain.

On 03/16/2012 09:07 AM, Wolf-Dieter Fink wrote:
> I try to add a security domain with the command  (review JB248 AS7 admin
> course):
>
> cd profile=full-ha/subsystem=security
> ./security-domain=JBTravel:add(authentication=[{"code"=>"Database","flag"=>"required","module-options"=>[("dsJndiName"=>"java:jboss/JBTravelDatasource"),("principalsQuery"=>"select
> password from JTRAVEL.USER where username=?"),("rolesQuery"=>"select
> null,'Roles' from JTRAVEL.USER where username=?")]}])
>
> and I see =>   'authentication' is not found among the supported
> properties: [cache-type]
>
> For me it looks correct, if I add the security-domain directly to the
> domain.xml it will be correct, see below.
>
> I test with EAP6.ER3 and 7.1.2.Final.
>
> Am I wrong with the command (and my understanding of it)?
>
> - Wolf
>
> ======  XML  ====
> <security-domain name="JBTravel">
> <authentication>
> <login-module code="Database" flag="required">
> <module-option name="dsJndiName" value="java:jboss/JBTravelDatasource"/>
> <module-option name="principalsQuery" value="SELECT password FROM
> JBTRAVEL.USER WHERE username=?"/>
> <module-option name="rolesQuery" value="SELECT null,'Roles' FROM
> JBTRAVEL.USER WHERE username=?"/>
> </login-module>
> </authentication>
> </security-domain>
> =================
> [domain at localhost:9999 subsystem=security]
> ./security-domain=JBTravel:read-resource
> {
>       "outcome" =>  "success",
>       "result" =>  {
>           "acl" =>  undefined,
>           "audit" =>  undefined,
>           "authorization" =>  undefined,
>           "cache-type" =>  undefined,
>           "identity-trust" =>  undefined,
>           "jsse" =>  undefined,
>           "mapping" =>  undefined,
>           "authentication" =>  {"classic" =>  undefined}
>       }
> }
>
> _______________________________________________
> jboss-as7-dev mailing list
> jboss-as7-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/jboss-as7-dev

More information about the jboss-as7-dev mailing list