In this post I will discuss that how you can have users and roles enabled in Jboss version 7.0.2.
There are 2 steps:
Step1: You need to edit the standalone.xml file and add following in the security-domain section:
<authentication>
<login-module code="UsersRoles" flag="required" />
</authentication>
</security-domain>
<security-domain name="form-auth" cache-type="default">
<authentication>
<login-module code="UsersRoles" flag="required">
<module-option name="usersProperties" value="users.properties"/>
<module-option name="rolesProperties" value="roles.properties"/>
</login-module>
</authentication>
This will enable the form authentication from the browser in Jboss.
Step2: Create the users and roles file and put them in $JBOSS_HOME/standalone/configuration directory and in the WEB-INF/classes directory of the application deployed. Mine looks like:
users.properties:
#Format: username=password
#
adminlsn=jboss7
mnglsn=jboss7
roles.properties:
adminlsn=Admin
adminlsn.Roles=Admin
mnglsn=Manager
mnglsn.Roles=Manager
Adding Restriction to Admin Console:
By default the Admin Console is not protected with access control. You can enable the restriction while logging into the admin console from the native and http interfaces.
edit the standalone.xml file where admin ports are mentioned in the management-interface section and change them as:
<management-interfaces>
<native-interface interface="management" port="9009" security-realm="PropertiesMgmtSecurityRealm"/>
<http-interface interface="management" port="9008" security-realm="PropertiesMgmtSecurityRealm"/>
</management-interfaces>
Now edit the "mgmt-users.properties" file in $JBOSS_HOME/standalone/configuration directory to look like:
#Format: username=password
#
#admin=admin
admin=jboss7
Comments