2 Replies Latest reply on Jul 15, 2013 10:37 AM by akshy_harale

Unable to add security-domain in jboss using admin api.

akshy_harale Jul 15, 2013 7:05 AM

I am migrating from jboss-as-7.1 to jboss-eap-6.1-Alpha. While doing that I am facing following issue:

I am not able to add security-domain to standalone.xml using admin api. It fails to add child tags inside security-domain tag. e.g.

<security-domain name="SampleSecurityDomain" cache-type="default"/>. (Authentication and login-module child tags does not get added to <security-domain> )

Also, the datasource is getting added.

FYI: All the tags are added for same request in case of jboss-as-7.1

Request for this operation is as follows :

{

"operation-headers" => {"allow-resource-service-restart" => false},

"operation" => "composite",

"address" => [],

"steps" => [

{

"operation" => "add",

"address" => [

("subsystem" => "security"),

("security-domain" => "esqlsampleSecurityDomain")

"cache-type" => "default"

{

"operation" => "add",

"address" => [

("subsystem" => "security"),

("security-domain" => "esqlsampleSecurityDomain"),

("authentication" => "classic")

"login-modules" => [{

"code" => "SecureIdentity",

"flag" => "required",

"module-options" => [

("username" => "user_name"),

("password" => "encodedpassword")

]

}]

{

"operation" => "add",

"address" => [

("subsystem" => "datasources"),

("data-source" => "esqlsample")

"pool-name" => "eqlsample",

"pool-prefill" => "false",

"min-pool-size" => 20,

"max-pool-size" => 50,

"pool-use-strict-min" => "false",

"pool-flush-strategy" => "FailingConnectionOnly",

"valid-connection-checker-class-name" => "org.jboss.jca.adapters.jdbc.extensions.mssql.MSSQLValidConnectionChecker",

"check-valid-connection-sql" => "select 1",

"validate-on-match" => "true",

"use-fast-fail" => "false",

"exception-sorter-class-name" => "org.jboss.jca.adapters.jdbc.extensions.novendor.NullExceptionSorter",

"blocking-timeout-wait-millis" => 30000,

"jndi-name" => "java:/edmsqlsample",

"driver-name" => "E-SQLServer",

"connection-url" => "jdbc:sqlserver://ipaddress\\E5000:0;DatabaseName=EDB",

"security-domain" => "edmsqlsampleSecurityDomain"

{

"operation" => "enable",

"address" => [

("subsystem" => "datasources"),

("data-source" => "esqlsample")

]

}

]

}

1. Re: Unable to add security-domain in jboss using admin api.

wdfink Jul 15, 2013 9:20 AM (in response to akshy_harale)

If I use /subsystem=security/security-domain=XXXX:add(cache-type=default) this works and the SD is added to the subsystem inside the xml.

What commands do you use? What is the error message?
Actions
2. Re: Unable to add security-domain in jboss using admin api.

akshy_harale Jul 15, 2013 10:37 AM (in response to wdfink)

Actualy I am doing this using ModelControllerClient.execute(Operation) api, not from the cli command .
The security-domain get added like this <security-domain name="XXXXX" cache-type="default" />, but not the tags inside security-domain, which should look like this.

<security-domain name="XXXXX" cache-type="default">
<authentication>
      <login-module code="SecureIdentity" flag="required">
           <module-option name="username" value="uname"/>
           <module-option name="password" value="password"/>
        </login-module>
     </authentication>
</security-domain>

I am using following code to create the datasource.

ModelControllerClient client = getClient();
        try {
            ModelNode response = client.execute(new OperationBuilder(request).build()); // request : this contains above mentioned request.
            String msg = response.get(OUTCOME).asString();
            if (msg.equals(FAILED)) {
                throw new IOException(response.get(FAILURE_DESCRIPTION)
                        .asString());
            }
            return response;
        } finally {
             safeClose(client);
        }

Message was edited by: Akshay Harale
Actions

Go to original post