Map Jboss User to Roles

Follow below steps To Map Users to Roles :
jbadmin ==> Administrator
jbdeploy ==> Deployer
Step 1:
To Configure jbdeploy to give it to the Developer :
This system is currently configured to use simple access controls, which will not utilize changes made in this section for roles. In order to utilize role mappings
that you configure in this section, you will need to enable role based access controls from the Command Line Interface (CLI) using the following command:

/core-service=management/access=authorization:write-attribute(name=provider,value=rbac)
D:\jboss\jboss-eap-6.3.0_Node1\jboss-eap-6.3\bin>jboss-cli.bat -c --controller=127.0.0.1:9999
[domain@127.0.0.1:9999 /] /core-service=management/access=authorization:write-attribute(name=provider,value=rbac)
{
    "outcome" => "success",
    "response-headers" => {
        "operation-requires-reload" => true,
        "process-state" => "reload-required"
    },
    "result" => undefined,
    "server-groups" => undefined
}
[domain@127.0.0.1:9999 /]

Step 2:
From the console go to administration and add user and map role as per requirement .
Step 3 :After mapping users to roles below is the tag updated in Domain.xml

        <access-control provider="rbac">
            <role-mapping>
                <role name="SuperUser">
                    <include>
                        <user name="$local"/>
                        <user name="jbadmin"/>
                    </include>
                </role>
                <role name="Administrator">
                    <include>
                        <user name="jbadmin"/>
                    </include>
                </role>
                <role name="Deployer">
                    <include>
                        <user name="jbdeploy"/>
                    </include>
                </role>
            </role-mapping>
        </access-control>

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *