[jboss-jira] [JBoss JIRA] (AS7-5180) jaas tag for management interface does not work in domain mode

Hisanobu Okuda (JIRA) jira-events at lists.jboss.org
Tue Jul 17 01:40:08 EDT 2012 

Hisanobu Okuda created AS7-5180:
-----------------------------------

             Summary: jaas tag for management interface does not work in domain mode
                 Key: AS7-5180
                 URL: https://issues.jboss.org/browse/AS7-5180
             Project: Application Server 7
          Issue Type: Bug
          Components: Console, Security
    Affects Versions: 7.1.2.Final (EAP)
            Reporter: Hisanobu Okuda
            Assignee: Heiko Braun


I configured <jaas> for management interface in host.xml of domain mode as follow:-

{code:xml}
  <security-realm name="ldap_security_realm">
    <authentication>
      <jaas name="managementLDAPDomain"/>
    </authentication>
      </security-realm>
    </security-realms>
    <management-interfaces>
      <native-interface security-realm="ManagementRealm">
    <socket interface="management" port="${jboss.management.native.port:9999}"/>
      </native-interface>
      <http-interface security-realm="ManagementRealm">
    <socket interface="management" port="${jboss.management.http.port:9990}"/>
      </http-interface>
    </management-interfaces>
  </management>
  ...
  (skip)
  ...
        <subsystem xmlns="urn:jboss:domain:security:1.1">
            <security-domains>
          <security-domain name="managementLDAPDomain">
        <authentication>
          <login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="required">
            <module-option name="java.naming.factory.initial" value="com.sun.jndi.ldap.LdapCtxFactory"/>
            <module-option name="java.naming.provider.url" value="ldap://dhcp-107.winlab.fab.redhat.com:389"/>
            <module-option name="java.naming.security.authentication" value="simple"/>
            <module-option name="bindDN" value="cn=Administrator,cn=users,DC=domain1,DC=winlab,DC=fab,DC=redhat,DC=com"/>
            ...
{code}

But, an authentication failed and I got a message "The web console could not be loaded. Authentication required." in the console. It seems that host.xml need to have security-domain section similar to standalone.xml. "-jaas" of  JVM option does not work as well.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the jboss-jira mailing list