您的位置: 首页  >  技术问答  >  我可以在红帽JBoss EAP 6中使用CLI编写服务器标识值吗?

我可以在红帽JBoss EAP 6中使用CLI编写服务器标识值吗?

分类: 技术问答 2022-09-29 17:50:14
问题描述:

我想知道如何使用CLI为管理域实例的server-identities属性添加新的secret value属性。我可以在红帽JBoss EAP 6中使用CLI编写服务器标识值吗?

通过命令行添加新用户时,建议将秘密值添加到服务器实例。但没有很多关于如何做到这一点的信息。我们知道这发生在host-master.xml文件中,并且我明白我可以在XML中编辑它。一个例子如下:

<management> 
    <security-realms> 
     <security-realm name="ManagementRealm"> 
      <server-identities> 
        <secret value="superdupersecret" /> 
      </server-identities> 
      <authentication> 
       <local default-user="$local" /> 
       <properties path="mgmt-users.properties" relative-to="jboss.domain.config.dir"/> 
      </authentication> 
     </security-realm> 
     . 
     . 
     . 
</management>

我可以通过运行read-resource操作从根(即“鸟枪法”,以管道在运行时进行传递用于快速搜索的所有参数和变量)如下查看节点。我本可以轻易地理解它。

:read-resource(recursive=true, include-runtime=true) > nameoffile.txt

这显示了我后面的节点的路径。

"host" => {"master" => { 
     ...snip... 
     "core-service" => { 
      "management" => { 
       "ldap-connection" => undefined, 
       "management-interface" => { 
        "native-interface" => { 
         "interface" => "management", 
         "port" => expression "${jboss.management.native.port:9999}", 
         "security-realm" => "ManagementRealm" 
        }, 
        "http-interface" => { 
         "console-enabled" => true, 
         "interface" => "management", 
         "port" => expression "${jboss.management.http.port:9990}", 
         "secure-port" => undefined, 
         "security-realm" => "ManagementRealm" 
        } 
       }, 
       "security-realm" => { 
        "ManagementRealm" => { 
         "authorization" => undefined, 
         "plug-in" => undefined, 
         "server-identity" => undefined, 
         "authentication" => { 
          "local" => { 
           "allowed-users" => undefined, 
           "default-user" => "$local"

我可以再cd到节点,但我不知道操作成分在这个层面的东西。我可以在CLI中编写其他值和属性,但在这个级别,我不确定这个方法是什么。任何建议感激。例如,这些失败。假设我不需要在写入值之前先添加这个属性,并且这个节点甚至可以写入CLI(任何想法Alexey?)。

[[email protected]:9999 security-realm=ManagementRealm] /host=master/core-service=management/security-realm=ManagementRealm/server-identity/:write(server-identity="new_value")

和:

[[email protected]:9999 security-realm=ManagementRealm] /host=master/core-service=management/security-realm=ManagementRealm/:write(server-identity="new_value")

ejb-security-interceptors项目有CLI script与此交易。相关部分如下:

/core-service=management/security-realm=ejb-outbound-realm:add  
/core-service=management/security-realm=ejb-outbound-realm/server-identity=secret:add(value="Q29ubmVjdGlvblBhc3N3b3JkMSE=")

相关推荐