1 Reply Latest reply on Jul 25, 2018 5:04 AM by Martin Choma

    Jboss 7.1 - management authentication LDAP + mgmt-users.properties?

    Vladislav Rames Newbie

      Hello,

       

      I've successufully set mgmt authentication aganst LDAP regarding articles

      LDAP and WildFly part 1: securing the management console

      or 9.7.4. Use LDAP to Authenticate to the Management Interfaces - Red Hat Customer Portal ,

      but our customer asked us for possibility of both types of management authentication:

       

      - primary named authentication from LDAP

      - in emergency cases authentication with system account (jbossadm - from mgmt-users.properties).

       

      I've tested it on JBOSS EAP 7.1.

       

      I'm not able to find possibility how to manage it (if it can be managed).

       

      Can you please give me any hint/advice - if this possibility exist?

       

      Thank you in advance

       

      Best Regards

       

      Vladislav

        • 1. Re: Jboss 7.1 - management authentication LDAP + mgmt-users.properties?
          Martin Choma Master

             <xs:complexType name="authenticationType">

                  <xs:annotation>

                      <xs:documentation>

                          Configuration of the server side authentication mechanisms.

           

                          Optionally one truststore can be defined and one username/password based store can be defined.

                          Authentication will first attempt to use the truststore and if this is not available will fall back

                          to the username/password authentication.

           

                          If none of these are specified the only available mechanism will be the local mechanism for the

                          Native interface and the HTTP interface will not be accessible.

                      </xs:documentation>

                  </xs:annotation>

                  <xs:sequence>

                      <xs:element name="truststore" type="realmKeyStoreType" minOccurs="0">

                          <xs:annotation>

                              <xs:documentation>

                                  Configuration of a keystore to use to create a trust manager to verify clients.

                              </xs:documentation>

                          </xs:annotation>

                      </xs:element>

                      <xs:element name="local" type="localType" minOccurs="0">

                          <xs:annotation>

                              <xs:documentation>

                                  Configuration to enable the local authentication mechanism, if this element

                                  is omitted then local authentication will be disabled.

                              </xs:documentation>

                          </xs:annotation>

                      </xs:element>

                      <xs:element name="kerberos" type="kerberosAuthenticationType" minOccurs="0">

                          <xs:annotation>

                              <xs:documentation>

                                  Configuration to enable Kerberos authentication.

                              </xs:documentation>

                          </xs:annotation>

                      </xs:element>

                      <xs:choice minOccurs="0">

                          <xs:element name="jaas" type="jaasAuthenticationType" minOccurs="0" />

                          <xs:element name="ldap" type="ldapAuthenticationType" minOccurs="0" />

                          <xs:element name="properties" type="propertiesAuthenticationType" minOccurs="0" />

                          <xs:element name="users" type="usersAuthenticationType" minOccurs="0" />

                          <xs:element name="plug-in" type="plug-inAuthType" minOccurs="0" />

                      </xs:choice>

                  </xs:sequence>

              </xs:complexType>