2 Replies Latest reply on Sep 7, 2016 2:26 PM by hchenkwi

    wildfly user type differences

    hchenkwi

      Hi there,

       

      I'm using Wildfly 10.0.0.final on Solaris 10 with java 8.  when I installed Wildfly following the startup guide, I created a user belongs to manageRealm. Application works.

       

      But now some questions comes up from admin team:

       

      1. from document it seems that in wildfly there is manage level user (manageRealm) and application level user (applicationRealm).  what is the difference between them?  I didn't set up application level user, then tested all the applications already.  Is this wrong? should I set up application user and then test my applications? where is the effect of the user for the application?

       

      I actually don't know what is the difference between them, because when I run my application I didn't use those users. I only used the manage level user when accessing admin console from browser.

       

      2. when I start wildfly using standalone.sh, it does not ask for any username and password. I know the Old JBoss ( we used Jboss 4.2.3, the start up script requires username and password).  Is this correct?  or did I miss anything and should config the standalone.sh to use username and password?

       

      3. when run command "./jboss-cli.sh --connect", I also didn't provide any userid and password, I found the user role actually is "SuperUser" when I run ":whoami(verbose=true)".

      Is this the way to use the jboss_cli.sh ? Or I missed something and I should config the script to ask for userid and password?

       

      4. Before we make Wildfly as production, we want to make sure it is safe. Is there any list of things that I should go through and configure to make Wildfly safe?

       

      Thanks a lot,

       

      Helen