4 Replies Latest reply on Nov 2, 2018 7:00 PM by r.fernandon

    Problem creating security-domain with jboss-cli (wildfly 12)

    r.fernandon
    r.fernandon Oct 30, 2018 5:55 PM

      command executed:

       

      jboss-cli.sh --connect --command="/subsystem=security/security-domain=App:add" \

      jboss-cli.sh --connect --command="/subsystem=security/security-domain=App/authentication=classic:add( \

              login-modules=[{ \

                  "code"=>"Database", \

                  "flag"=>"required", \

                  "module-options"=>[ \

                      "dsJndiName"=>"java:jboss/datasources/DS", \

                      "principalsQuery"=>SELECT pass FROM user WHERE username = ?, \

                      "rolesQuery"=>SELECT name, 'Roles' FROM user_x_roles WHERE username = ?, \

                      "unauthenticatedIdentity"=>"guest"] \

                  }])"

       

      result (wrong):

       

      <security-domain name="App">

           <authentication>

                <login-module code="Database" flag="required">

                     <module-option name="dsJndiName" value="java:jboss/datasources/DS"/>

                     <module-option name="principalsQuery" value="SELECT pass FROM user WHERE username = ?"/>

                     <module-option name="rolesQuery" value="SELECT name"/>

                     <module-option name="'Roles' FROM user_x_roles WHERE username" value="?"/>

                     <module-option name="unauthenticatedIdentity" value="guest"/>

                </login-module>

           </authentication>

      </security-domain>

       

      expected (correct):

       

      <security-domain name="App">

           <authentication>

                <login-module code="Database" flag="required">

                     <module-option name="dsJndiName" value="java:jboss/datasources/DS"/>

                     <module-option name="principalsQuery" value="SELECT pass FROM user WHERE username = ?"/>

                     <module-option name="rolesQuery" value="SELECT name, 'Roles' FROM user_x_roles WHERE username = ?"/>

                     <module-option name="unauthenticatedIdentity" value="guest"/>

                </login-module>

           </authentication>

      </security-domain>

       

      Does anyone know where I'm going wrong?

      it looks like it's breaking the line when there's a comma in the query (creating two tags module-option).

       

      tks

        • 1. Re: Problem creating security-domain with jboss-cli (wildfly 12)
          simkam
          simkam Oct 31, 2018 7:41 AM (in response to r.fernandon)

          Hi,

           

          putting the entire query to quotes should work.

           

          "rolesQuery"=> "SELECT name, 'Roles' FROM user_x_roles WHERE username = ?",\

            • Actions
          • 2. Re: Problem creating security-domain with jboss-cli (wildfly 12)
            r.fernandon
            r.fernandon Oct 31, 2018 12:52 PM (in response to simkam)

            hello Martin, now I have this error:

            macbook-ricardo:bin r.fernandon$ ./jboss-cli.sh --connect --command="/subsystem=security/security-domain=App/authentication=classic/login-module=Database:add(code=Database,flag=required,module-options=[("dsJndiName"=>"java:jboss/datasources/DS"),("principalsQuery"=>"select pass from user where username=?"),("rolesQuery"=>"select name, 'Roles' from user_x_roles where username=?"),("unauthenticatedIdentity"=>"guest")])"

             

            'pass' is assumed to be a command(s) but the commands to execute have been specified by another argument: [/subsystem=security/security-domain=App/authentication=classic/login-module=Database:add(code=Database,flag=required,module-options=[(dsJndiName=>java:jboss/datasources/DS),(principalsQuery=>select]

              • Actions
            • 3. Re: Problem creating security-domain with jboss-cli (wildfly 12)
              simkam
              simkam Nov 1, 2018 9:11 AM (in response to r.fernandon)

              just escape all inner quotes in command, this sequence works for me:

               

              ./jboss-cli.sh --connect --command="/subsystem=security/security-domain=App:add()"

              ./jboss-cli.sh --connect --command="/subsystem=security/security-domain=App/authentication=classic:add()"

              ./jboss-cli.sh --connect --command="/subsystem=security/security-domain=App/authentication=classic/login-module=Database:add(code=Database,flag=required,module-options=[(\"dsJndiName\"=>\"java:jboss/datasources/DS\"),(\"principalsQuery\"=>\"select pass from user where username=?\"),(\"rolesQuery\"=>\"select name, 'Roles' from user_x_roles where username=?\"),(\"unauthenticatedIdentity\"=>\"guest\")])"

                • Actions
              • 4. Re: Problem creating security-domain with jboss-cli (wildfly 12)
                r.fernandon
                r.fernandon Nov 2, 2018 7:00 PM (in response to simkam)

                Martin, It worked!

                tks

                  • Actions