-
1. Re: EAP 7 management-http authentication in java code
mchoma Nov 9, 2017 8:36 AM (in response to kavinthamaduranga)1 of 1 people found this helpfulI assume you are running that from same machine. By default ManagementRealm allow local access. If you remove <local default-user="$local" skip-group-loading="true"/> from standalone.xml access will be checked against property file mgmt-users.properties.
-
2. Re: EAP 7 management-http authentication in java code
kavinthamaduranga Nov 9, 2017 11:02 PM (in response to mchoma)Thanks Martin for the clue and once i removed "<local default-user="$local" skip-group-loading="true"/>" tag, authentication was requires. It worked.
-
3. Re: EAP 7 management-http authentication in java code
dlofthouse Nov 10, 2017 5:52 AM (in response to kavinthamaduranga)2 of 2 people found this helpfulOne point to keep in mind, there the <local /> element is present within the security realm definition authentication still occurs.
In the case of local authentication the server writes a small token to a file within the servers directory hierarchy, the client then reads this token and sends it back to the server to prove that it could read the file.
Remote clients do not have access to the filesystem so would never be able to authenticate using the local mechanism.
Also local clients on the same machine that do not have access to the directory structure of the application server would not be able to read the token that is written so also would not be able to use the mechanism.
For all clients that can not use the local authentication mechanism they then fallback to username / password based authentication.