configuring the password rules for jboss 6 EAP add-user.sh

Question

Is there a way to configure the password strength for the add-user.sh script in Jboss 6 EAP?

Answer 1

This was not possible, so somebody made a feature request for it in the community Wildfly project: https://issues.jboss.org/browse/WFLY-1611

Wildfly 8 should have it, but it's not known when (if ever) this gets merged back to EAP 6.

---

Alternatively, you can bypass add-user and create the user by hand with any password for standalone mode. Of course, it's not because you can that you should always do so, password rules are there for security. Only do this for development, and surely don't copy your install or configuration folder to production!

• Go to <jboss-install>/standalone/configuration and open mgmt-users.properties.
• Find the line with #$REALM_NAME= and note the value after the =, last $ excluded. In my case it is ManagementRealm.
• If you have Linux, run the following (substitute your user, the value noted above and password):
  echo -n '<user>:<realm>:<password>' | md5sum
  If you have Windows you will have to find your own utility to generate MD5 hashes. If you write the user/realm/password combo to file to let an MD5 tool do its work, check that there is no newline character at the end of your file or the hash will be off. You also won't need the quotes in that case.
• md5sum will output a hexidecimal value. Go back to mgmt-users.properties and add a line at the end:
  <user>=<MD5 hash>

Answer 2

There is no such a way to define the rules but it allows alphanumerics and special characters...