[jboss-user] [Beginner's Corner] - JBoss AS 7.1.x Securing Management Console

Discussion:

[jboss-user] [Beginner's Corner] - JBoss AS 7.1.x Securing Management Console - Authentication/SSL

Kevin Gorman

2013-03-07 13:13:06 UTC

Kevin Gorman [https://community.jboss.org/people/kevgo] created the discussion

"JBoss AS 7.1.x Securing Management Console - Authentication/SSL"

To view the discussion, visit: https://community.jboss.org/message/801305#801305

--------------------------------------------------------------
I have JBoss EAP 6 (AS 7.1.3) up and running and delivering our application.Â I would like to configure the management console to authenticate based upon 'local accounts' on the box.Â We are currently using winbind (RHEL 6) and authenticating users against AD based upon group membership.Â Are there any authentication modules which can use the same authentication method?Â I also need a bit of direction to kick the management console over to 'management-https'.Â I am using HTTPS with the app, have a valid keystore and just need to do the same with the management console but am having a few difficulties.

I'm new to JBoss definitely a beginner.. any insights would be appreciated.

kevgo.
--------------------------------------------------------------

Reply to this message by going to Community
[https://community.jboss.org/message/801305#801305]

Start a new discussion in Beginner's Corner at Community
[https://community.jboss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2075]

Kevin Gorman

2013-03-07 19:49:32 UTC

Permalink

Kevin Gorman

2013-03-08 15:44:58 UTC

Permalink

Kevin Gorman [https://community.jboss.org/people/kevgo] created the discussion

"Re: JBoss AS 7.1.x Securing Management Console - Authentication/SSL"

To view the discussion, visit: https://community.jboss.org/message/801598#801598

--------------------------------------------------------------
Who would have thought spelling mattered..

Â Â Â <management>
Â Â Â Â Â Â Â <security-realms>
Â Â Â Â Â Â Â Â Â Â Â <security-realm name="ManagementRealm">
**
Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â <server-identities>
Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â <ssl>
Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â <keystore path="/usr/share/jboss-as/jboss-eap-6.0/jboss.keystore" keystore-password="changeit"/>
Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â </ssl>
Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â </server-identities>
Â Â Â Â Â Â Â <authentication>
Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â <local default-user="$local"/>
Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â <properties path="mgmt-users.properties" relative-to="jboss.server.config.dir"/>
Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â </authentication>
Â Â Â Â Â Â Â Â Â Â Â </security-realm>

ï»¿
And then..

Â Â Â Â Â Â Â Â Â Â Â <http-interface security-realm="ManagementRealm">
**
Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â <socket-binding http*s*="management-https"/>
Â Â Â Â Â Â Â Â Â Â Â </http-interface>
Â Â Â Â Â Â Â </management-interfaces>
Â Â Â </management>

Likely won't be the last time I stare at XML looking for typos...

Next step is the tie in to LDAP.
--------------------------------------------------------------

Reply to this message by going to Community
[https://community.jboss.org/message/801598#801598]

Start a new discussion in Beginner's Corner at Community
[https://community.jboss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2075]