3 Replies Latest reply on Dec 10, 2013 3:58 AM by nizzy

    Create JAAS Login-Module using CLI

    nizzy

      AS 7.2.0

      --

       

      After creating the security-domain using CLI. I want the standalone.xml to look something like below;

       

      <security-domain name="A_DOMAIN" cache-type="default" >
      <authentication> 
                <login-module
                    code="DatabaseServerLoginModule"  flag="required"> 
                         <module-option name="dsJndiName" value="java:jboss/datasources/A_MODULEDS" />   
                </login-module> 
            </authentication>
      </security-domain>
      

       

      No matter the command I try (have tried all on the web and also viewed the Jiras) I cannot get the module-option to appear.

       

      For instance;

       

      batch
      /subsystem=security/security-domain=A_DOMAIN/:add(cache-type=default)
      /subsystem=security/security-domain=A_DOMAIN/authentication=classic :add(login-modules=[{"code"=>"DatabaseServerLoginModule", "flag"=>"required", "module-options"=>[("dsJndiName"=>"java:jboss\datasources\A_DOMAINDS")]}])
      run-batch
      

       

      Create the security-domain, reports no error but does not create the authentication, login-module or module-options elements

      <security-domain name="A_DOMAIN" cache-type="default"/>
      

       

      I must be doing something really silly, any help would be appreciated.

        • 1. Re: Create JAAS Login-Module using CLI
          nizzy

          Even running the example here

           

          Gives me;

           

          <security-domain name="DemoAuthRealm"/>

          • 2. Re: Create JAAS Login-Module using CLI
            r.reimann

            Hi Alan,


            executing the commands as a batch seems to swallow a warning. If you remove the batch/run-batch or execute the commands interactively within the CLI you should get a warning on the second command:


            [standalone@localhost:9999 /] /subsystem=security/security-domain=A_DOMAIN/:add(cache-type=default)                                                

            {"outcome" => "success"}

             

            [standalone@localhost:9999 /] /subsystem=security/security-domain=A_DOMAIN/authentication=classic :add(login-modules=[{"code"=>"DatabaseServerLoginModule", "flag"=>"required", "module-options"=>[("dsJndiName"=>"java:jboss\datasources\A_DOMAINDS")]}])

            Operation 'add' does not expect any property.

             

            Since the add operation doesn't support properties in AS 7.2 you need to split up the second command:

             

            batch

            /subsystem=security/security-domain=A_DOMAIN/:add(cache-type=default)

            /subsystem=security/security-domain=A_DOMAIN/authentication=classic:add

            /subsystem=security/security-domain=A_DOMAIN/authentication=classic:write-attribute(name=login-modules, value=[{"code"=>"DatabaseServerLoginModule", "flag"=>"required", "module-options"=>[("dsJndiName"=>"java:jboss\datasources\A_DOMAINDS")]}])

            run-batch

             

            Best regards

            Robert

            • 3. Re: Create JAAS Login-Module using CLI
              nizzy

              Thanks Robert,

               

              Appreciated very much.