Last active
August 6, 2020 16:53
-
-
Save darranl/870199223d3f063687a97177aa0db745 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version='1.0' encoding='UTF-8'?> | |
| <server xmlns="urn:jboss:domain:14.0"> | |
| <extensions> | |
| <extension module="org.jboss.as.remoting"/> | |
| <extension module="org.wildfly.extension.io"/> | |
| </extensions> | |
| <management> | |
| <security-realms> | |
| <security-realm name="ApplicationRealm"> | |
| <server-identities> | |
| <ssl> | |
| <keystore path="application.keystore" relative-to="jboss.server.config.dir" keystore-password="password" alias="server" key-password="password" generate-self-signed-certificate-host="localhost"/> | |
| </ssl> | |
| </server-identities> | |
| <authentication> | |
| <local default-user="$local" allowed-users="*" skip-group-loading="true"/> | |
| <properties path="application-users.properties" relative-to="jboss.server.config.dir"/> | |
| </authentication> | |
| <authorization> | |
| <properties path="application-roles.properties" relative-to="jboss.server.config.dir"/> | |
| </authorization> | |
| </security-realm> | |
| </security-realms> | |
| </management> | |
| <profile> | |
| <subsystem xmlns="urn:jboss:domain:io:3.0"> | |
| <worker name="default"/> | |
| <buffer-pool name="default"/> | |
| </subsystem> | |
| <subsystem xmlns="urn:jboss:domain:remoting:4.0"> | |
| <endpoint worker="default"/> | |
| <http-connector name="http-remoting-connector" connector-ref="default" security-realm="ApplicationRealm"/> | |
| </subsystem> | |
| </profile> | |
| <interfaces> | |
| <interface name="public"> | |
| <inet-address value="${jboss.bind.address:127.0.0.1}"/> | |
| </interface> | |
| </interfaces> | |
| <socket-binding-group name="standard-sockets" default-interface="public" port-offset="${jboss.socket.binding.port-offset:0}"/> | |
| </server> |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version='1.0' encoding='UTF-8'?> | |
| <server xmlns="urn:jboss:domain:14.0"> | |
| <extensions> | |
| <extension module="org.jboss.as.remoting"/> | |
| <extension module="org.wildfly.extension.elytron"/> | |
| <extension module="org.wildfly.extension.io"/> | |
| </extensions> | |
| <management> | |
| <access-control provider="simple"> | |
| <role-mapping> | |
| <role name="SuperUser"> | |
| <include> | |
| <user name="$local"/> | |
| </include> | |
| </role> | |
| </role-mapping> | |
| </access-control> | |
| </management> | |
| <profile> | |
| <subsystem xmlns="urn:wildfly:elytron:11.0" final-providers="combined-providers" disallowed-providers="OracleUcrypto"> | |
| <providers> | |
| <aggregate-providers name="combined-providers"> | |
| <providers name="elytron"/> | |
| <providers name="openssl"/> | |
| </aggregate-providers> | |
| <provider-loader name="elytron" module="org.wildfly.security.elytron"/> | |
| <provider-loader name="openssl" module="org.wildfly.openssl"/> | |
| </providers> | |
| <audit-logging> | |
| <file-audit-log name="local-audit" path="audit.log" relative-to="jboss.server.log.dir" format="JSON"/> | |
| </audit-logging> | |
| <security-domains> | |
| <security-domain name="ApplicationDomain" default-realm="ApplicationRealm" permission-mapper="default-permission-mapper"> | |
| <realm name="ApplicationRealm" role-decoder="groups-to-roles"/> | |
| <realm name="local"/> | |
| </security-domain> | |
| <security-domain name="ManagementDomain" default-realm="ManagementRealm" permission-mapper="default-permission-mapper"> | |
| <realm name="ManagementRealm" role-decoder="groups-to-roles"/> | |
| <realm name="local" role-mapper="super-user-mapper"/> | |
| </security-domain> | |
| </security-domains> | |
| <security-realms> | |
| <identity-realm name="local" identity="$local"/> | |
| <properties-realm name="ApplicationRealm"> | |
| <users-properties path="application-users.properties" relative-to="jboss.server.config.dir" digest-realm-name="ApplicationRealm"/> | |
| <groups-properties path="application-roles.properties" relative-to="jboss.server.config.dir"/> | |
| </properties-realm> | |
| <properties-realm name="ManagementRealm"> | |
| <users-properties path="mgmt-users.properties" relative-to="jboss.server.config.dir" digest-realm-name="ManagementRealm"/> | |
| <groups-properties path="mgmt-groups.properties" relative-to="jboss.server.config.dir"/> | |
| </properties-realm> | |
| </security-realms> | |
| <mappers> | |
| <simple-permission-mapper name="default-permission-mapper" mapping-mode="first"> | |
| <permission-mapping> | |
| <principal name="anonymous"/> | |
| <permission-set name="default-permissions"/> | |
| </permission-mapping> | |
| <permission-mapping match-all="true"> | |
| <permission-set name="login-permission"/> | |
| <permission-set name="default-permissions"/> | |
| </permission-mapping> | |
| </simple-permission-mapper> | |
| <constant-realm-mapper name="local" realm-name="local"/> | |
| <simple-role-decoder name="groups-to-roles" attribute="groups"/> | |
| <constant-role-mapper name="super-user-mapper"> | |
| <role name="SuperUser"/> | |
| </constant-role-mapper> | |
| </mappers> | |
| <permission-sets> | |
| <permission-set name="login-permission"> | |
| <permission class-name="org.wildfly.security.auth.permission.LoginPermission"/> | |
| </permission-set> | |
| <permission-set name="default-permissions"/> | |
| </permission-sets> | |
| <http> | |
| <http-authentication-factory name="management-http-authentication" security-domain="ManagementDomain" http-server-mechanism-factory="global"> | |
| <mechanism-configuration> | |
| <mechanism mechanism-name="DIGEST"> | |
| <mechanism-realm realm-name="ManagementRealm"/> | |
| </mechanism> | |
| </mechanism-configuration> | |
| </http-authentication-factory> | |
| <provider-http-server-mechanism-factory name="global"/> | |
| </http> | |
| <sasl> | |
| <sasl-authentication-factory name="application-sasl-authentication" sasl-server-factory="configured" security-domain="ApplicationDomain"> | |
| <mechanism-configuration> | |
| <mechanism mechanism-name="JBOSS-LOCAL-USER" realm-mapper="local"/> | |
| <mechanism mechanism-name="DIGEST-MD5"> | |
| <mechanism-realm realm-name="ApplicationRealm"/> | |
| </mechanism> | |
| </mechanism-configuration> | |
| </sasl-authentication-factory> | |
| <sasl-authentication-factory name="management-sasl-authentication" sasl-server-factory="configured" security-domain="ManagementDomain"> | |
| <mechanism-configuration> | |
| <mechanism mechanism-name="JBOSS-LOCAL-USER" realm-mapper="local"/> | |
| <mechanism mechanism-name="DIGEST-MD5"> | |
| <mechanism-realm realm-name="ManagementRealm"/> | |
| </mechanism> | |
| </mechanism-configuration> | |
| </sasl-authentication-factory> | |
| <configurable-sasl-server-factory name="configured" sasl-server-factory="elytron"> | |
| <properties> | |
| <property name="wildfly.sasl.local-user.default-user" value="$local"/> | |
| </properties> | |
| </configurable-sasl-server-factory> | |
| <mechanism-provider-filtering-sasl-server-factory name="elytron" sasl-server-factory="global"> | |
| <filters> | |
| <filter provider-name="WildFlyElytron"/> | |
| </filters> | |
| </mechanism-provider-filtering-sasl-server-factory> | |
| <provider-sasl-server-factory name="global"/> | |
| </sasl> | |
| </subsystem> | |
| <subsystem xmlns="urn:jboss:domain:io:3.0"> | |
| <worker name="default"/> | |
| <buffer-pool name="default"/> | |
| </subsystem> | |
| <subsystem xmlns="urn:jboss:domain:remoting:4.0"> | |
| <endpoint worker="default"/> | |
| <http-connector name="http-remoting-connector" connector-ref="default" sasl-authentication-factory="application-sasl-authentication"/> | |
| </subsystem> | |
| </profile> | |
| <interfaces> | |
| <interface name="public"> | |
| <inet-address value="${jboss.bind.address:127.0.0.1}"/> | |
| </interface> | |
| </interfaces> | |
| <socket-binding-group name="standard-sockets" default-interface="public" port-offset="${jboss.socket.binding.port-offset:0}"/> | |
| </server> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment