I'd like to know how to use the CLI to add a new secret value
attribute to the server-identities
attribute for a Managed Domain instance.
While adding a new user via the command line we are recommended to add the secret value to the server instance. But there's not a lot of information given on how to do that. We know that this occurs in the host-master.xml
file for instance, and that I understand that I can edit this in the XML. An example is as follows:
<management>
<security-realms>
<security-realm name="ManagementRealm">
<server-identities>
<secret value="superdupersecret" />
</server-identities>
<authentication>
<local default-user="$local" />
<properties path="mgmt-users.properties" relative-to="jboss.domain.config.dir"/>
</authentication>
</security-realm>
.
.
.
</management>
I can view the node by running the read-resource
operation as follows from the root (the "shotgun approach" to piping all the parameters and variables passed at runtime out for a quick search). I could have easily grepped it.
:read-resource(recursive=true, include-runtime=true) > nameoffile.txt
This shows the path of the node I'm after.
"host" => {"master" => {
...snip...
"core-service" => {
"management" => {
"ldap-connection" => undefined,
"management-interface" => {
"native-interface" => {
"interface" => "management",
"port" => expression "${jboss.management.native.port:9999}",
"security-realm" => "ManagementRealm"
},
"http-interface" => {
"console-enabled" => true,
"interface" => "management",
"port" => expression "${jboss.management.http.port:9990}",
"secure-port" => undefined,
"security-realm" => "ManagementRealm"
}
},
"security-realm" => {
"ManagementRealm" => {
"authorization" => undefined,
"plug-in" => undefined,
"server-identity" => undefined,
"authentication" => {
"local" => {
"allowed-users" => undefined,
"default-user" => "$local"
I can then cd
into the node, but I'm not sure what the operation composition is at this level. I'm able to write other values and attributes in the CLI, but at this level I'm unsure what the method is. Any suggestions appreciated. For example, these fail. Assumptions are that I don't need to add this attribute first before writing the value, and that this node is even able to be written in the CLI (any thoughts Alexey?).
[domain@localhost:9999 security-realm=ManagementRealm] /host=master/core-service=management/security-realm=ManagementRealm/server-identity/:write(server-identity="new_value")
And:
[domain@localhost:9999 security-realm=ManagementRealm] /host=master/core-service=management/security-realm=ManagementRealm/:write(server-identity="new_value")