我可以在红帽JBoss EAP 6中使用CLI编写服务器标识值吗?
问题描述:
我想知道如何使用CLI为管理域实例的server-identities
属性添加新的secret value
属性。我可以在红帽JBoss EAP 6中使用CLI编写服务器标识值吗?
通过命令行添加新用户时,建议将秘密值添加到服务器实例。但没有很多关于如何做到这一点的信息。我们知道这发生在host-master.xml
文件中,并且我明白我可以在XML中编辑它。一个例子如下:
<management>
<security-realms>
<security-realm name="ManagementRealm">
<server-identities>
<secret value="superdupersecret" />
</server-identities>
<authentication>
<local default-user="$local" />
<properties path="mgmt-users.properties" relative-to="jboss.domain.config.dir"/>
</authentication>
</security-realm>
.
.
.
</management>
我可以通过运行read-resource
操作从根(即“鸟枪法”,以管道在运行时进行传递用于快速搜索的所有参数和变量)如下查看节点。我本可以轻易地理解它。
:read-resource(recursive=true, include-runtime=true) > nameoffile.txt
这显示了我后面的节点的路径。
"host" => {"master" => {
...snip...
"core-service" => {
"management" => {
"ldap-connection" => undefined,
"management-interface" => {
"native-interface" => {
"interface" => "management",
"port" => expression "${jboss.management.native.port:9999}",
"security-realm" => "ManagementRealm"
},
"http-interface" => {
"console-enabled" => true,
"interface" => "management",
"port" => expression "${jboss.management.http.port:9990}",
"secure-port" => undefined,
"security-realm" => "ManagementRealm"
}
},
"security-realm" => {
"ManagementRealm" => {
"authorization" => undefined,
"plug-in" => undefined,
"server-identity" => undefined,
"authentication" => {
"local" => {
"allowed-users" => undefined,
"default-user" => "$local"
我可以再cd
到节点,但我不知道操作成分在这个层面的东西。我可以在CLI中编写其他值和属性,但在这个级别,我不确定这个方法是什么。任何建议感激。例如,这些失败。假设我不需要在写入值之前先添加这个属性,并且这个节点甚至可以写入CLI(任何想法Alexey?)。
[[email protected]:9999 security-realm=ManagementRealm] /host=master/core-service=management/security-realm=ManagementRealm/server-identity/:write(server-identity="new_value")
和:
[[email protected]:9999 security-realm=ManagementRealm] /host=master/core-service=management/security-realm=ManagementRealm/:write(server-identity="new_value")
答
的ejb-security-interceptors项目有CLI script与此交易。相关部分如下:
/core-service=management/security-realm=ejb-outbound-realm:add
/core-service=management/security-realm=ejb-outbound-realm/server-identity=secret:add(value="Q29ubmVjdGlvblBhc3N3b3JkMSE=")