There
is a need for adding Users for accessing the admin console. When ever
we start the Standalone or domain Mode servers, the start up page
says to add Users like
JBoss
makes use of security realms to secure access to the management
interfaces, these same realms are used to secure inbound access as
exposed by JBoss Remoting such as remote JNDI and EJB access, the
realms are also used to define an identity for the server - this
identity can be used for both inbound connections to the server and
outbound connections being established by the server.
ManagementRealm
is a simple realm available in Jboss, this simply enables two
authentication mechanisms, the local mechanism and username/password
authentication which will be using Digest authentication
For
username / password authentication the users details will be loaded
from the file mgmt-users.properties which is located in
{jboss.home}/standalone/configuration
Each
user is represented on their own line and the format of each line is
username=HASH where HASH is a pre-prepared hash of the users password
along with their username and the name of the realm which in this
case is ManagementRealm.
Add
Users For the management Console
[root@vx111a
bin]# ./add-user.sh
What type of user do you wish to add?
a) Management User (mgmt-users.properties)
b) Application User (application-users.properties)
(a): a
Enter the details of the new user to add.
Realm (ManagementRealm) :
Username : system
Password :
Re-enter Password :
About to add user 'system' for realm 'ManagementRealm'
Is this correct yes/no? y
Added user 'system' to file '/soa/jboss-as-7.1.1.Final/standalone/configuration/mgmt-users.properties'
Added user 'system' to file '/soa/jboss-as-7.1.1.Final/domain/configuration/mgmt-users.properties'
What type of user do you wish to add?
a) Management User (mgmt-users.properties)
b) Application User (application-users.properties)
(a): a
Enter the details of the new user to add.
Realm (ManagementRealm) :
Username : system
Password :
Re-enter Password :
About to add user 'system' for realm 'ManagementRealm'
Is this correct yes/no? y
Added user 'system' to file '/soa/jboss-as-7.1.1.Final/standalone/configuration/mgmt-users.properties'
Added user 'system' to file '/soa/jboss-as-7.1.1.Final/domain/configuration/mgmt-users.properties'
Add
Users in Different Way
C:\Users\xprk477\jboss-eap-6.0\bin>add-user.bat
adminUser jbs4up
Added
user 'adminUser' to file
'C:\Users\xprk477\jboss-eap-6.0\standalone\configuration\mgmt-users.properties'
Added
user 'adminUser' to file
'C:\Users\xprk477\jboss-eap-6.0\domain\configuration\mgmt-users.properties'
Press
any key to continue . . .
Note
: If you add users using this approach there is a risk that any other
user that can view the list of running process may see the arguments
including the password of the user being added, there is also the
risk that the username / password combination will be cached in the
history file of the shell you are currently using.
Adding
a Application User
C:\Users\xk477\jboss-eap-6.0\bin>add-user.bat
What
type of user do you wish to add?
a)
Management User (mgmt-users.properties)
b)
Application User (application-users.properties)
(a):
b
Enter
the details of the new user to add.
Realm
(ApplicationRealm) :
Username
: appUser
Password
:
Re-enter
Password :
What
roles do you want this user to belong to? (Please enter a comma
separated list, or leave blank for none)[ ]:
User
About
to add user 'appUser' for realm 'ApplicationRealm'
Is
this correct yes/no? y
Added
user 'appUser' to file
'C:\Users\xprk477\jboss-eap-6.0\standalone\configuration\application-users.properties'
Added
user 'appUser' to file
'C:\Users\xprk477\jboss-eap-6.0\domain\configuration\application-users.properties'
Added
user 'appUser' with roles User to file
'C:\Users\xprk477\jboss-eap-6.0\standalone\configuration\application-r
oles.properties'
Added
user 'appUser' with roles User to file
'C:\Users\xprk477\jboss-eap-6.0\domain\configuration\application-roles
.properties'
Is
this new user going to be used for one AS process to connect to
another AS process?
e.g.
for a slave host controller connecting to the master or for a
Remoting connection for server to server EJB cal
ls.
yes/no?
y
To
represent the user add the following to the server-identities
definition <secret value="amJzNHVw" />
Press
any key to continue . . .
C:\Users\xprk477\jboss-eap-6.0\bin>add-user.bat
-a appUser jbs4up
Added
user 'appUser' to file
'C:\Users\xprk477\jboss-eap-6.0\standalone\configuration\application-users.properties'
Added
user 'appUser' to file
'C:\Users\xprk477\jboss-eap-6.0\domain\configuration\application-users.properties'
Press
any key to continue . . .
Updating
a user
C:\Users\xprk477\jboss-eap-6.0\bin>add-user.bat
What
type of user do you wish to add?
a)
Management User (mgmt-users.properties)
b)
Application User (application-users.properties)
(a):
b
Enter
the details of the new user to add.
Realm
(ApplicationRealm) :
Username
: appUser
User
'appUser' already exits, would you like to update the existing user
password and roles
Is
this correct yes/no? y
Password
:
Re-enter
Password :
What
roles do you want this user to belong to? (Please enter a comma
separated list, or leave blank for none)[User]
:
Admin
Updated
user 'appUser' to file
'C:\Users\xprk477\jboss-eap-6.0\standalone\configuration\application-users.propertie
s'
Updated
user 'appUser' to file
'C:\Users\xprk477\jboss-eap-6.0\domain\configuration\application-users.properties'
Updated
user 'appUser' with roles Admin to file
'C:\Users\xprk477\jboss-eap-6.0\standalone\configuration\applicatio
n-roles.properties'
Updated
user 'appUser' with roles Admin to file
'C:\Users\xprk477\jboss-eap-6.0\domain\configuration\application-ro
les.properties'
Is
this new user going to be used for one AS process to connect to
another AS process?
e.g.
for a slave host controller connecting to the master or for a
Remoting connection for server to server EJB cal
ls.
yes/no?
y
To
represent the user add the following to the server-identities
definition <secret value="amJzNHVw" />
Press
any key to continue . . .
Happy
learning :-)
