Hi,

In the month of November-2011 we wrote some articles for (JBossAS7.1.0Beta1) “EJB based CXF WebService with Basic Authentication in JBoss AS7” (http://middlewaremagic.com/jboss/?p=958). And “Basic Authentication in WebApp Based CXF WebService JBoss AS7” (http://middlewaremagic.com/jboss/?p=976).

In the above examples we created the “security-domain” by manually editing the JBoss configuration file “standalone-full.xml”. But as we know that JBoss provides us a lots of reliable and quick options in order to configure various resources. JBoss CLI (Command Line Utility) is one of them, So here we will see how we can very easily create the security-domain on the server with the help of CLI.

Configuring “security-domain” using CLI

Step1). Make sure that your JBoss is running so and it’s Native Management Port and Address is accessible to the CLI utility. I am starting the JBoss with the following option:

.
   ./standalone.sh -c standalone-full.xml -b 10.10.10.10 -bmanagement 10.10.10.10
.

NOTE: Here we started JBoss with the “-bmanagement” so that the We can access JBoss using Native interface on address “10.10.10.10” by default it will be localhost, Which restricts us to access the JBoss Native Interface remotely.

Step2). Now we will create security-domain with name “cxfservice-security-domain” using code “UsersRoles”. Open a command/Shell Prompt and then move inside “/home/userone/jboss-as-7.1.2.Final/bin” and then run the following script to start the JBoss CLI and to connect it to running JBoss:

.
  ./jboss-cli.sh --connect --controller=10.10.10.10:9999
.

Step3). Once you get successfully connected to JBoss using CLI then you can run the following two Commands in order to create a security-domain

.
.
[standalone@10.10.10.10:9999 /]  /subsystem=security/security-domain=cxfservice-security-domain/:add(cache-type=default)

{"outcome" => "success"}

.
.
[standalone@10.10.10.10:9999 /] /subsystem=security/security-domain=cxfservice-security-domain/authentication=classic:add(login-modules=[{"code"=>"UsersRoles", "flag"=>"required", "module-options"=>[("usersProperties"=>"cxfservice-users.properties"),("rolesProperties"=>"cxfservice-roles.properties"),("unauthenticatedIdentity"=>"nobody")] }]   )


{
    "outcome" => "success",
    "response-headers" => {
        "operation-requires-reload" => true,
        "process-state" => "reload-required"
    }
}
.
.

As the above two commands got executed successfully so you will be able to see the changes in your “jboss-as-7.1.2.Final/standalone/configuration/standalone-full.xml” file as following:

.
<security-domain name="cxfservice-security-domain" cache-type="default">
  <authentication>
    <login-module code="UsersRoles" flag="required">
      <module-option name="usersProperties" value="cxfservice-users.properties"/>
      <module-option name="rolesProperties" value="cxfservice-roles.properties"/>
      <module-option name="unauthenticatedIdentity" value="nobody"/>
    </login-module>
  </authentication>
</security-domain>
.

.
.

To know how to run jboss-cli.sh in GUI mode ?

refer to the following link: http://middlewaremagic.com/jboss/?p=2018

.
.
Thanks
MiddlewareMagic Team 🙂

If you enjoyed this post, please consider leaving a comment or subscribing to the RSS feed to have future articles delivered to your feed reader.