Wildfly 10 CLI安全域配置

时间:2017-02-03 07:47:31

标签: configuration command-line-interface wildfly

现在我们对wildfly和configuration.xml的配置是由十几个相互调用的cmd脚本完成的,依此类推。所以非常直接令人讨厌地狱。

现在我想通过编写一个可以根据需要进行所有配置的cli脚本来摆脱所有这些,但在开始时我已经卡住了。

我只想在CLI上添加xml的这种布局:

    <security-realm name="ssl-realm">
        <server-identities>
            <ssl>
                <keystore path="server.keystore" relative-to="jboss.server.config.dir" keystore-password="password" alias="server" key-password="password"/>
            </ssl>
        </server-identities>
    </security-realm>

因此输入/core-service=management/security-realm=ssl-realm/:add将添加安全领域。当我现在想要使用如下命令添加内部部分时:

/core-service=management/security-realm=ssl-realm/:write-attribute(name=server-identity,value=ssl)

/core-service=management/security-realm=ssl-realm/server-identity=ssl/:add

我收到了消息

{
    "outcome" => "failed",
    "failure-description" => "WFLYCTL0201: Unknown attribute 'server-identity'",
    "rolled-back" => true
}


null

尝试直接使用安全领域添加服务器标识时:

/core-service=management/security-realm=ssl-realm/server-identity=ssl/:add

我收到错误:

{
    "outcome" => "failed",
    "failure-description" => "WFLYCTL0175: Resource [
    (\"core-service\" => \"management\"),
    (\"security-realm\" => \"ssl-realm\")
] does not exist; a resource at address [
    (\"core-service\" => \"management\"),
    (\"security-realm\" => \"ssl-realm\"),
    (\"server-identity\" => \"ssl\")
] cannot be created until all ancestor resources have been added",
    "rolled-back" => true
}

询问谷歌或野生动物文档并没有真正帮助。所以,如果有人知道该怎么做,我将不胜感激。

2 个答案:

答案 0 :(得分:3)

尝试使用以下命令:

/core-service=management/security-realm=ssl-realm:add()
/core-service=management/security-realm=ssl-realm/server-identity=ssl:add(alias=value,keystore-relative-to=jboss.standalone.config.dir,keystore-password=abc,keystore-path=abc.jks)

答案 1 :(得分:0)

同样的错误也适用于数据库配置:

/subsystem=security/security-domain=testDB:add

/subsystem=security/security-domain=testDB/authentication=classic:add

/subsystem=security/security-domain=testDB/authentication=classic/login-module=Database:add(code=Database,flag=required,module-options=[("dsJndiName"=>"java:/MyDatabaseDS"),("principalsQuery"=>"select passwd from Users where username=?"),("rolesQuery"=>"select role, 'Roles' from UserRoles where username=?")])

reload

来源:Configuring a Security Domain to use the Database Login Module

相关问题
最新问题