Piotr Gwiazda

Reputation: 12222

How to secure web application with ManagementRealm in JBoss EAP 6.2?

Is there a way to secure a web application with the same user and roles configuration as ManagementRealm?

I know that there is a security-domain "java:/jaas/other" that delegates to ApplicationRealm. How do I create a similar security-domain that delegates to ManagementRealm?

In other words, I want a web application to be accessible by the same users that can access JBoss' Admin Console.

I'm running domain mode.

//Edit:

I was able to set up a security domain that refers to the management realm by using the login-module RealmDirect and setting realm=ManagementRealm. Authentication works fine, however it does not pick up user roles. The exact same configuration for ApplicationRealm works fine.

Upvotes: 0

Views: 1803

Answers (1)

dbaer

Reputation: 1316

I had the same challenge. After defining a security domain that refers to "ManagementRealm" and defining the role in web.xml, the trick is to configure the ManagementRealm to map groups to roles:

authorization map-groups-to-roles="true"

        <security-realm name="ManagementRealm">
            <authentication>
                <local default-user="$local" skip-group-loading="true"/>
                <properties path="mgmt-users.properties" relative-to="jboss.server.config.dir"/>
            </authentication>
            <authorization map-groups-to-roles="true">
                <properties path="mgmt-groups.properties" relative-to="jboss.server.config.dir"/>
            </authorization>
        </security-realm>

Upvotes: 0
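
The pieces the question and answer refer to but do not show (the RealmDirect security domain, the binding in the application, and the role in web.xml), as an added example that is not part of the original posts. The domain name `mgmt-web` and the role/group name `admin` are assumptions; the `CONFIDENTIAL` transport guarantee is an addition so that management credentials are only accepted over TLS.

```xml
<!-- 1. Security subsystem of the profile: security domain backed by ManagementRealm.
     "mgmt-web" is a hypothetical name. -->
<security-domain name="mgmt-web" cache-type="default">
    <authentication>
        <login-module code="RealmDirect" flag="required">
            <module-option name="realm" value="ManagementRealm"/>
        </login-module>
    </authentication>
</security-domain>

<!-- 2. WEB-INF/jboss-web.xml: bind the application to that security domain. -->
<jboss-web>
    <security-domain>mgmt-web</security-domain>
</jboss-web>

<!-- 3. WEB-INF/web.xml (inside <web-app>): require a role for every URL.
     "admin" is an assumed group name; it must match a group assigned to the
     user in mgmt-groups.properties (format: username=group1,group2). -->
<security-constraint>
    <web-resource-collection>
        <web-resource-name>all</web-resource-name>
        <url-pattern>/*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
        <role-name>admin</role-name>
    </auth-constraint>
    <user-data-constraint>
        <!-- BASIC sends the management password on every request; require TLS. -->
        <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
</security-constraint>
<login-config>
    <auth-method>BASIC</auth-method>
    <realm-name>ManagementRealm</realm-name>
</login-config>
<security-role>
    <role-name>admin</role-name>
</security-role>
```

With `map-groups-to-roles="true"` on the realm, the groups listed for a user in mgmt-groups.properties become the roles checked by the `auth-constraint`, so a user with no matching group authenticates but receives HTTP 403.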
