Last active
August 5, 2020 17:15
-
-
Save darranl/e9f1c5a943684ce124c35638e376644f to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version='1.0' encoding='UTF-8'?> | |
| <server xmlns="urn:jboss:domain:14.0"> | |
| <extensions> | |
| <extension module="org.jboss.as.deployment-scanner"/> | |
| <extension module="org.jboss.as.ee"/> | |
| <extension module="org.jboss.as.naming"/> | |
| <extension module="org.wildfly.extension.io"/> | |
| <extension module="org.wildfly.extension.undertow"/> | |
| </extensions> | |
| <management> | |
| <security-realms> | |
| <security-realm name="ManagementRealm"> | |
| <authentication> | |
| <local default-user="$local" skip-group-loading="true"/> | |
| <properties path="mgmt-users.properties" relative-to="jboss.server.config.dir"/> | |
| </authentication> | |
| <authorization map-groups-to-roles="false"> | |
| <properties path="mgmt-groups.properties" relative-to="jboss.server.config.dir"/> | |
| </authorization> | |
| </security-realm> | |
| <security-realm name="ApplicationRealm"> | |
| <server-identities> | |
| <ssl> | |
| <keystore path="application.keystore" relative-to="jboss.server.config.dir" keystore-password="password" alias="server" key-password="password" generate-self-signed-certificate-host="localhost"/> | |
| </ssl> | |
| </server-identities> | |
| <authentication> | |
| <local default-user="$local" allowed-users="*" skip-group-loading="true"/> | |
| <properties path="application-users.properties" relative-to="jboss.server.config.dir"/> | |
| </authentication> | |
| <authorization> | |
| <properties path="application-roles.properties" relative-to="jboss.server.config.dir"/> | |
| </authorization> | |
| </security-realm> | |
| </security-realms> | |
| <audit-log> | |
| <formatters> | |
| <json-formatter name="json-formatter"/> | |
| </formatters> | |
| <handlers> | |
| <file-handler name="file" formatter="json-formatter" path="audit-log.log" relative-to="jboss.server.data.dir"/> | |
| </handlers> | |
| <logger log-boot="true" log-read-only="false" enabled="false"> | |
| <handlers> | |
| <handler name="file"/> | |
| </handlers> | |
| </logger> | |
| </audit-log> | |
| <management-interfaces> | |
| <http-interface security-realm="ManagementRealm"> | |
| <http-upgrade enabled="true"/> | |
| <socket-binding http="management-http"/> | |
| </http-interface> | |
| </management-interfaces> | |
| <access-control provider="simple"> | |
| <role-mapping> | |
| <role name="SuperUser"> | |
| <include> | |
| <user name="$local"/> | |
| </include> | |
| </role> | |
| </role-mapping> | |
| </access-control> | |
| </management> | |
| <profile> | |
| <subsystem xmlns="urn:jboss:domain:deployment-scanner:2.0"> | |
| <deployment-scanner path="deployments" relative-to="jboss.server.base.dir" scan-interval="5000" runtime-failure-causes-rollback="${jboss.deployment.scanner.rollback.on.failure:false}"/> | |
| </subsystem> | |
| <subsystem xmlns="urn:jboss:domain:ee:5.0"> | |
| <spec-descriptor-property-replacement>false</spec-descriptor-property-replacement> | |
| <concurrent> | |
| <context-services> | |
| <context-service name="default" jndi-name="java:jboss/ee/concurrency/context/default" use-transaction-setup-provider="false"/> | |
| </context-services> | |
| <managed-thread-factories> | |
| <managed-thread-factory name="default" jndi-name="java:jboss/ee/concurrency/factory/default" context-service="default"/> | |
| </managed-thread-factories> | |
| <managed-executor-services> | |
| <managed-executor-service name="default" jndi-name="java:jboss/ee/concurrency/executor/default" context-service="default" hung-task-threshold="60000" keepalive-time="5000"/> | |
| </managed-executor-services> | |
| <managed-scheduled-executor-services> | |
| <managed-scheduled-executor-service name="default" jndi-name="java:jboss/ee/concurrency/scheduler/default" context-service="default" hung-task-threshold="60000" keepalive-time="3000"/> | |
| </managed-scheduled-executor-services> | |
| </concurrent> | |
| <default-bindings context-service="java:jboss/ee/concurrency/context/default" managed-executor-service="java:jboss/ee/concurrency/executor/default" managed-scheduled-executor-service="java:jboss/ee/concurrency/scheduler/default" managed-thread-factory="java:jboss/ee/concurrency/factory/default"/> | |
| </subsystem> | |
| <subsystem xmlns="urn:jboss:domain:io:3.0"> | |
| <worker name="default"/> | |
| <buffer-pool name="default"/> | |
| </subsystem> | |
| <subsystem xmlns="urn:jboss:domain:naming:2.0"/> | |
| <subsystem xmlns="urn:jboss:domain:undertow:11.0" default-server="default-server" default-virtual-host="default-host" default-servlet-container="default" statistics-enabled="${wildfly.undertow.statistics-enabled:${wildfly.statistics-enabled:false}}"> | |
| <buffer-cache name="default"/> | |
| <server name="default-server"> | |
| <http-listener name="default" socket-binding="http" redirect-socket="https" enable-http2="true"/> | |
| <host name="default-host" alias="localhost"> | |
| <http-invoker/> | |
| </host> | |
| </server> | |
| <servlet-container name="default"> | |
| <jsp-config/> | |
| <websockets/> | |
| </servlet-container> | |
| </subsystem> | |
| </profile> | |
| <interfaces> | |
| <interface name="management"> | |
| <inet-address value="${jboss.bind.address.management:127.0.0.1}"/> | |
| </interface> | |
| <interface name="public"> | |
| <inet-address value="${jboss.bind.address:127.0.0.1}"/> | |
| </interface> | |
| </interfaces> | |
| <socket-binding-group name="standard-sockets" default-interface="public" port-offset="${jboss.socket.binding.port-offset:0}"> | |
| <socket-binding name="ajp" port="${jboss.ajp.port:8009}"/> | |
| <socket-binding name="http" port="${jboss.http.port:8080}"/> | |
| <socket-binding name="https" port="${jboss.https.port:8443}"/> | |
| <socket-binding name="management-http" interface="management" port="${jboss.management.http.port:9990}"/> | |
| <socket-binding name="management-https" interface="management" port="${jboss.management.https.port:9993}"/> | |
| </socket-binding-group> | |
| </server> |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version='1.0' encoding='UTF-8'?> | |
| <server xmlns="urn:jboss:domain:14.0"> | |
| <extensions> | |
| <extension module="org.jboss.as.deployment-scanner"/> | |
| <extension module="org.jboss.as.ee"/> | |
| <extension module="org.jboss.as.naming"/> | |
| <extension module="org.wildfly.extension.io"/> | |
| <extension module="org.wildfly.extension.undertow"/> | |
| </extensions> | |
| <management> | |
| <audit-log> | |
| <formatters> | |
| <json-formatter name="json-formatter"/> | |
| </formatters> | |
| <handlers> | |
| <file-handler name="file" formatter="json-formatter" path="audit-log.log" relative-to="jboss.server.data.dir"/> | |
| </handlers> | |
| <logger log-boot="true" log-read-only="false" enabled="false"> | |
| <handlers> | |
| <handler name="file"/> | |
| </handlers> | |
| </logger> | |
| </audit-log> | |
| <management-interfaces> | |
| <http-interface> | |
| <http-upgrade enabled="true"/> | |
| <socket-binding http="management-http"/> | |
| </http-interface> | |
| </management-interfaces> | |
| <access-control provider="simple"> | |
| <role-mapping> | |
| <role name="SuperUser"> | |
| <include> | |
| <user name="$local"/> | |
| </include> | |
| </role> | |
| </role-mapping> | |
| </access-control> | |
| </management> | |
| <profile> | |
| <subsystem xmlns="urn:jboss:domain:deployment-scanner:2.0"> | |
| <deployment-scanner path="deployments" relative-to="jboss.server.base.dir" scan-interval="5000" runtime-failure-causes-rollback="${jboss.deployment.scanner.rollback.on.failure:false}"/> | |
| </subsystem> | |
| <subsystem xmlns="urn:jboss:domain:ee:5.0"> | |
| <spec-descriptor-property-replacement>false</spec-descriptor-property-replacement> | |
| <concurrent> | |
| <context-services> | |
| <context-service name="default" jndi-name="java:jboss/ee/concurrency/context/default" use-transaction-setup-provider="false"/> | |
| </context-services> | |
| <managed-thread-factories> | |
| <managed-thread-factory name="default" jndi-name="java:jboss/ee/concurrency/factory/default" context-service="default"/> | |
| </managed-thread-factories> | |
| <managed-executor-services> | |
| <managed-executor-service name="default" jndi-name="java:jboss/ee/concurrency/executor/default" context-service="default" hung-task-threshold="60000" keepalive-time="5000"/> | |
| </managed-executor-services> | |
| <managed-scheduled-executor-services> | |
| <managed-scheduled-executor-service name="default" jndi-name="java:jboss/ee/concurrency/scheduler/default" context-service="default" hung-task-threshold="60000" keepalive-time="3000"/> | |
| </managed-scheduled-executor-services> | |
| </concurrent> | |
| <default-bindings context-service="java:jboss/ee/concurrency/context/default" managed-executor-service="java:jboss/ee/concurrency/executor/default" managed-scheduled-executor-service="java:jboss/ee/concurrency/scheduler/default" managed-thread-factory="java:jboss/ee/concurrency/factory/default"/> | |
| </subsystem> | |
| <subsystem xmlns="urn:jboss:domain:io:3.0"> | |
| <worker name="default"/> | |
| <buffer-pool name="default"/> | |
| </subsystem> | |
| <subsystem xmlns="urn:jboss:domain:naming:2.0"/> | |
| <subsystem xmlns="urn:jboss:domain:undertow:11.0" default-server="default-server" default-virtual-host="default-host" default-servlet-container="default" statistics-enabled="${wildfly.undertow.statistics-enabled:${wildfly.statistics-enabled:false}}"> | |
| <buffer-cache name="default"/> | |
| <server name="default-server"> | |
| <http-listener name="default" socket-binding="http" redirect-socket="https" enable-http2="true"/> | |
| <host name="default-host" alias="localhost"> | |
| <http-invoker/> | |
| </host> | |
| </server> | |
| <servlet-container name="default"> | |
| <jsp-config/> | |
| <websockets/> | |
| </servlet-container> | |
| </subsystem> | |
| </profile> | |
| <interfaces> | |
| <interface name="management"> | |
| <inet-address value="${jboss.bind.address.management:127.0.0.1}"/> | |
| </interface> | |
| <interface name="public"> | |
| <inet-address value="${jboss.bind.address:127.0.0.1}"/> | |
| </interface> | |
| </interfaces> | |
| <socket-binding-group name="standard-sockets" default-interface="public" port-offset="${jboss.socket.binding.port-offset:0}"> | |
| <socket-binding name="ajp" port="${jboss.ajp.port:8009}"/> | |
| <socket-binding name="http" port="${jboss.http.port:8080}"/> | |
| <socket-binding name="https" port="${jboss.https.port:8443}"/> | |
| <socket-binding name="management-http" interface="management" port="${jboss.management.http.port:9990}"/> | |
| <socket-binding name="management-https" interface="management" port="${jboss.management.https.port:9993}"/> | |
| </socket-binding-group> | |
| </server> |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version='1.0' encoding='UTF-8'?> | |
| <server xmlns="urn:jboss:domain:14.0"> | |
| <extensions> | |
| <extension module="org.jboss.as.deployment-scanner"/> | |
| <extension module="org.jboss.as.ee"/> | |
| <extension module="org.jboss.as.naming"/> | |
| <extension module="org.wildfly.extension.elytron"/> | |
| <extension module="org.wildfly.extension.io"/> | |
| <extension module="org.wildfly.extension.undertow"/> | |
| </extensions> | |
| <management> | |
| <identity security-domain="ManagementDomain"/> | |
| <audit-log> | |
| <formatters> | |
| <json-formatter name="json-formatter"/> | |
| </formatters> | |
| <handlers> | |
| <file-handler name="file" formatter="json-formatter" path="audit-log.log" relative-to="jboss.server.data.dir"/> | |
| </handlers> | |
| <logger log-boot="true" log-read-only="false" enabled="false"> | |
| <handlers> | |
| <handler name="file"/> | |
| </handlers> | |
| </logger> | |
| </audit-log> | |
| <management-interfaces> | |
| <http-interface http-authentication-factory="management-http-authentication"> | |
| <http-upgrade enabled="true" sasl-authentication-factory="management-sasl-authentication"/> | |
| <socket-binding http="management-http"/> | |
| </http-interface> | |
| </management-interfaces> | |
| <access-control provider="simple"> | |
| <role-mapping> | |
| <role name="SuperUser"> | |
| <include> | |
| <user name="$local"/> | |
| </include> | |
| </role> | |
| </role-mapping> | |
| </access-control> | |
| </management> | |
| <profile> | |
| <subsystem xmlns="urn:jboss:domain:deployment-scanner:2.0"> | |
| <deployment-scanner path="deployments" relative-to="jboss.server.base.dir" scan-interval="5000" runtime-failure-causes-rollback="${jboss.deployment.scanner.rollback.on.failure:false}"/> | |
| </subsystem> | |
| <subsystem xmlns="urn:jboss:domain:ee:5.0"> | |
| <spec-descriptor-property-replacement>false</spec-descriptor-property-replacement> | |
| <concurrent> | |
| <context-services> | |
| <context-service name="default" jndi-name="java:jboss/ee/concurrency/context/default" use-transaction-setup-provider="false"/> | |
| </context-services> | |
| <managed-thread-factories> | |
| <managed-thread-factory name="default" jndi-name="java:jboss/ee/concurrency/factory/default" context-service="default"/> | |
| </managed-thread-factories> | |
| <managed-executor-services> | |
| <managed-executor-service name="default" jndi-name="java:jboss/ee/concurrency/executor/default" context-service="default" hung-task-threshold="60000" keepalive-time="5000"/> | |
| </managed-executor-services> | |
| <managed-scheduled-executor-services> | |
| <managed-scheduled-executor-service name="default" jndi-name="java:jboss/ee/concurrency/scheduler/default" context-service="default" hung-task-threshold="60000" keepalive-time="3000"/> | |
| </managed-scheduled-executor-services> | |
| </concurrent> | |
| <default-bindings context-service="java:jboss/ee/concurrency/context/default" managed-executor-service="java:jboss/ee/concurrency/executor/default" managed-scheduled-executor-service="java:jboss/ee/concurrency/scheduler/default" managed-thread-factory="java:jboss/ee/concurrency/factory/default"/> | |
| </subsystem> | |
| <subsystem xmlns="urn:wildfly:elytron:11.0" final-providers="combined-providers" disallowed-providers="OracleUcrypto"> | |
| <providers> | |
| <aggregate-providers name="combined-providers"> | |
| <providers name="elytron"/> | |
| <providers name="openssl"/> | |
| </aggregate-providers> | |
| <provider-loader name="elytron" module="org.wildfly.security.elytron"/> | |
| <provider-loader name="openssl" module="org.wildfly.openssl"/> | |
| </providers> | |
| <audit-logging> | |
| <file-audit-log name="local-audit" path="audit.log" relative-to="jboss.server.log.dir" format="JSON"/> | |
| </audit-logging> | |
| <security-domains> | |
| <security-domain name="ManagementDomain" default-realm="ManagementRealm" permission-mapper="default-permission-mapper"> | |
| <realm name="ManagementRealm" role-decoder="groups-to-roles"/> | |
| <realm name="local" role-mapper="super-user-mapper"/> | |
| </security-domain> | |
| <security-domain name="ApplicationDomain" default-realm="ApplicationRealm" permission-mapper="default-permission-mapper"> | |
| <realm name="ApplicationRealm" role-decoder="groups-to-roles"/> | |
| <realm name="local"/> | |
| </security-domain> | |
| </security-domains> | |
| <security-realms> | |
| <identity-realm name="local" identity="$local"/> | |
| <properties-realm name="ApplicationRealm"> | |
| <users-properties path="application-users.properties" relative-to="jboss.server.config.dir" digest-realm-name="ApplicationRealm"/> | |
| <groups-properties path="application-roles.properties" relative-to="jboss.server.config.dir"/> | |
| </properties-realm> | |
| <properties-realm name="ManagementRealm"> | |
| <users-properties path="mgmt-users.properties" relative-to="jboss.server.config.dir" digest-realm-name="ManagementRealm"/> | |
| <groups-properties path="mgmt-groups.properties" relative-to="jboss.server.config.dir"/> | |
| </properties-realm> | |
| </security-realms> | |
| <mappers> | |
| <simple-permission-mapper name="default-permission-mapper" mapping-mode="first"> | |
| <permission-mapping> | |
| <principal name="anonymous"/> | |
| <permission-set name="default-permissions"/> | |
| </permission-mapping> | |
| <permission-mapping match-all="true"> | |
| <permission-set name="login-permission"/> | |
| <permission-set name="default-permissions"/> | |
| </permission-mapping> | |
| </simple-permission-mapper> | |
| <constant-realm-mapper name="local" realm-name="local"/> | |
| <simple-role-decoder name="groups-to-roles" attribute="groups"/> | |
| <constant-role-mapper name="super-user-mapper"> | |
| <role name="SuperUser"/> | |
| </constant-role-mapper> | |
| </mappers> | |
| <permission-sets> | |
| <permission-set name="login-permission"> | |
| <permission class-name="org.wildfly.security.auth.permission.LoginPermission"/> | |
| </permission-set> | |
| <permission-set name="default-permissions"/> | |
| </permission-sets> | |
| <http> | |
| <http-authentication-factory name="management-http-authentication" security-domain="ManagementDomain" http-server-mechanism-factory="global"> | |
| <mechanism-configuration> | |
| <mechanism mechanism-name="DIGEST"> | |
| <mechanism-realm realm-name="ManagementRealm"/> | |
| </mechanism> | |
| </mechanism-configuration> | |
| </http-authentication-factory> | |
| <provider-http-server-mechanism-factory name="global"/> | |
| </http> | |
| <sasl> | |
| <sasl-authentication-factory name="management-sasl-authentication" sasl-server-factory="configured" security-domain="ManagementDomain"> | |
| <mechanism-configuration> | |
| <mechanism mechanism-name="JBOSS-LOCAL-USER" realm-mapper="local"/> | |
| <mechanism mechanism-name="DIGEST-MD5"> | |
| <mechanism-realm realm-name="ManagementRealm"/> | |
| </mechanism> | |
| </mechanism-configuration> | |
| </sasl-authentication-factory> | |
| <sasl-authentication-factory name="application-sasl-authentication" sasl-server-factory="configured" security-domain="ApplicationDomain"> | |
| <mechanism-configuration> | |
| <mechanism mechanism-name="JBOSS-LOCAL-USER" realm-mapper="local"/> | |
| <mechanism mechanism-name="DIGEST-MD5"> | |
| <mechanism-realm realm-name="ApplicationRealm"/> | |
| </mechanism> | |
| </mechanism-configuration> | |
| </sasl-authentication-factory> | |
| <configurable-sasl-server-factory name="configured" sasl-server-factory="elytron"> | |
| <properties> | |
| <property name="wildfly.sasl.local-user.default-user" value="$local"/> | |
| </properties> | |
| </configurable-sasl-server-factory> | |
| <mechanism-provider-filtering-sasl-server-factory name="elytron" sasl-server-factory="global"> | |
| <filters> | |
| <filter provider-name="WildFlyElytron"/> | |
| </filters> | |
| </mechanism-provider-filtering-sasl-server-factory> | |
| <provider-sasl-server-factory name="global"/> | |
| </sasl> | |
| </subsystem> | |
| <subsystem xmlns="urn:jboss:domain:io:3.0"> | |
| <worker name="default"/> | |
| <buffer-pool name="default"/> | |
| </subsystem> | |
| <subsystem xmlns="urn:jboss:domain:naming:2.0"/> | |
| <subsystem xmlns="urn:jboss:domain:undertow:11.0" default-server="default-server" default-virtual-host="default-host" default-servlet-container="default" statistics-enabled="${wildfly.undertow.statistics-enabled:${wildfly.statistics-enabled:false}}"> | |
| <buffer-cache name="default"/> | |
| <server name="default-server"> | |
| <http-listener name="default" socket-binding="http" redirect-socket="https" enable-http2="true"/> | |
| <host name="default-host" alias="localhost"> | |
| <http-invoker/> | |
| </host> | |
| </server> | |
| <servlet-container name="default"> | |
| <jsp-config/> | |
| <websockets/> | |
| </servlet-container> | |
| </subsystem> | |
| </profile> | |
| <interfaces> | |
| <interface name="management"> | |
| <inet-address value="${jboss.bind.address.management:127.0.0.1}"/> | |
| </interface> | |
| <interface name="public"> | |
| <inet-address value="${jboss.bind.address:127.0.0.1}"/> | |
| </interface> | |
| </interfaces> | |
| <socket-binding-group name="standard-sockets" default-interface="public" port-offset="${jboss.socket.binding.port-offset:0}"> | |
| <socket-binding name="ajp" port="${jboss.ajp.port:8009}"/> | |
| <socket-binding name="http" port="${jboss.http.port:8080}"/> | |
| <socket-binding name="https" port="${jboss.https.port:8443}"/> | |
| <socket-binding name="management-http" interface="management" port="${jboss.management.http.port:9990}"/> | |
| <socket-binding name="management-https" interface="management" port="${jboss.management.https.port:9993}"/> | |
| </socket-binding-group> | |
| </server> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment