Managing the application server
JBoss AS 7 provides three different approaches to configure and manage servers: a web interface, a command-line client, and a set of XML configuration files. No matter what approach you choose, the configuration is always synchronized across the different views and finally persisted to the XML files.
Managing JBoss AS 7 with the web interface
The web interface is a Google Web Toolkit (GWT) application, which can be used to manage a standalone or domain JBoss AS distribution. By default, it is deployed on a local host on the 9990 port; the property that controls the port socket binding is jboss.management.http.port, as contained in the server configuration (standalone.xml/domain.xml):
<socket-binding-group name="standard-sockets" default-interface="public">
<socket-binding name="management-http" interface="management" port="${jboss.management.http.port:9990}"/>
. . . . . . . . .
</socket-binding-group>
JBoss AS 7.1.x is distributed and is secured by default, and the default security mechanism is username- or password-based, making use of HTTP Digest for the authentication process.
Note
The reason for securing the server by default is that, if the management interfaces are accidentally exposed on a public IP address, authentication is required to connect. For this reason, there is no default user in the distribution.
The users are stored in a properties file called mgmt-users.properties under standalone/configuration or domain/configuration depending on the running mode of the server. This file contains the username information along with a pre-prepared hash of the username plus the name of the realm and the user's password.
To manipulate the files and add users, it has provided utilities such as add-user.sh and add-user.bat to add the users and generate the hashes. So just execute the script and follow the guided process.
In order to create a new user you need to enter the following values:
- Type of user: The type will be
Management Usersince it will manage the application server - Realm: This must match the realm name used in the configuration; so unless you have changed the configuration to use a different realm name, leave this set to
ManagementRealm - Username: This is the username of the user you are adding
- Password: This is the user's password
Provided the validation is successful, you will be asked to confirm if you want to add the user; then the properties files will be updated.
The final question (Is this new user going to be used for one AS process to connect to another AS process?) will be displayed if you are running a release newer than 7.1.1, and can be used for adding slave Host Controllers that authenticate against a master domain controller. This in turn requires adding the secret key to your slave host's configuration in order to authenticate with the master domain controller. (For more information about domain configuration, check https://docs.jboss.org/author/display/AS71/Admin+Guide#AdminGuide-ManagedDomain.)