5 Replies Latest reply on Jul 11, 2016 11:55 PM by sidde3

Integrating management console with multiple securityRealm

sidde3 Jul 8, 2016 10:47 PM

Can anyone help me to configure multiple security realm in such a way that JBOSS management console can allow authentication from multiple realm at the sametime.

In current scenario lets suppose I have two security realm like below one is ManagementRealm and ApplicationRealm but JBOSS doesn't allow both at a time

<management-interfaces>

<native-interface security-realm=ManagementRealm">

<socket-binding native="management-native"/>

</native-interface>

<http-interface security-realm="ManagementRealm">

<socket-binding http="management-http"/>

</http-interface>

</management-interfaces>

Is there any configuration so that we can use both the security realm ?

Regards,

Sid

1. Re: Integrating management console with multiple securityRealm

abhijithumbe Jul 9, 2016 9:41 PM (in response to sidde3)

http interface which is usedd by management console didnt support multiple realms. As per my understanding this feature will be supported in EAP 7 release.
Actions
2. Re: Integrating management console with multiple securityRealm

sidde3 Jul 10, 2016 12:26 AM (in response to sidde3)

Hello Abhijit,

Thanks for your reply.

Can you please send me the link where I can check this ?

Regards,
Sid
Actions
3. Re: Integrating management console with multiple securityRealm

mchoma Jul 11, 2016 1:45 AM (in response to sidde3)

You can create new security realm, which will cover both security realms. You can configure multiple authentication elements inside security realm. Although you can't define all combinations at once (e.g jaas and ldap), see authenticationType in docs/schema/wildfly-config_4_1.xsd. Are you able to solve your problem with this limitation?
Actions
4. Re: Integrating management console with multiple securityRealm

sidde3 Jul 11, 2016 4:51 AM (in response to mchoma)

Hello Martin,

I have tried to configure security domain something like this but it is not working. Can you please help ?

<security-domain name="mix-auth" cache-type="default">
    <authentication>
        <login-module code="custom.MyLoginModule" flag="required" module="custom_module">
                    <module-option name="usersProperties" value="${jboss.server.config.dir}/users.properties"/>
                <module-option name="rolesProperties" value="${jboss.server.config.dir}/roles.properties"/>
                </login-module>
        <login-module code="com.sid.oslogin.login" flag="required" module="oslogin.sid" />
    </authentication>
</security-domain>

Regards,
Siddhartha
Actions
5. Re: Integrating management console with multiple securityRealm

sidde3 Jul 11, 2016 11:55 PM (in response to sidde3)

Thnak you Martin for your idea.

I have successfully integrated with Jboss Management Console with multiple type of registry and jboss is allowing to login from all the security registry.

Thank you once again for your idea.

Regards,
Siddhartha
Actions

Go to original post