我的yml配置文件中有以下块:
access-control:
provider: rbac
role-mapping:
role:
"guest":
include:
user:
"buddy"
构建项目时,下面的条目会添加到生成的standalone-full.xml
中<system-properties>
<property name="swarm.management.access-control.role-
mapping.role.guest.include.user" value="buddy"/>
<property name="swarm.management.access-control.provider"
value="rbac"/>
</system-properties>
问题是我希望生成以下节点:
<access-control provider="rbac">
<role-mapping>
<role name="guest">
<include>
<user name="buddy"/>
</include>
</role>
</role-mapping>
</access-control>
有什么想法吗?
答案 0 :(得分:0)
您似乎正在尝试将基于角色的访问控制配置到管理界面。这对于应用程序本身而言不。那是你真正想要的吗?我不希望mgmt RBAC与WildFly Swarm一起使用。
如果这是你真正想要的,那么这里是解释所有概念的JBoss EAP文档:https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.1/html-single/how_to_configure_server_security/#role_based_access_control
要根据http://docs.wildfly-swarm.io/2018.5.0/#_management将其翻译为WildFly Swarm YAML,我相信您需要的是这样的(请注意,我没有尝试过:-)):
swarm:
management:
security-realms:
ManagementRealm:
in-memory-authentication:
users:
albert: # creating a user in the mgmt realm
password: einstein
authorization-access:
provider: rbac
role-mappings:
Operator: # one of the pre-defined roles, can't create new ones
includes:
user-albert: # by convention, should always be user-xxx or group-xxx
name: albert
type: user
但我会重复,我不认为你真的想要这个。如果你能描述一下你的用例,我可以帮助你做得更好。