I am currently working with JBoss 6.2. I am trying to add a user so that I can access the Webconsole of Jboss. This is how I added a user :
[user#server bin]$ ./add-user.sh
What type of user do you wish to add?
a) Management User (mgmt-users.properties)
b) Application User (application-users.properties)
(a):
Enter the details of the new user to add.
Using realm 'ManagementRealm' as discovered from the existing property files.
Username : adminuser
Password :
Re-enter Password :
What groups do you want this user to belong to? (Please enter a comma separated list, or leave blank for none)[ ]: admin
About to add user 'adminuser' for realm 'ManagementRealm'
Is this correct yes/no? yes
Added user 'adminuser' to file '/local/jboss-eap- 6.2/standalone/configuration/mgmt-users.properties'
Added user 'adminuser' to file '/local/jboss-eap-6.2/domain/configuration/mgmt-users.properties'
Added user 'adminuser' with groups admin to file '/local/jboss-eap-6.2/standalone/configuration/mgmt-groups.properties'
Added user 'adminuser' with groups admin to file '/local/jboss-eap-6.2/domain/configuration/mgmt-groups.properties'
Is this new user going to be used for one AS process to connect to another AS process?
e.g. for a slave host controller connecting to the master or for a Remoting connection for server to server EJB calls.
yes/no? no
[user#server bin]$
I have tried this a number of times but when I access the server using:
server:9001/console/
It does not log me in.
How can I troubleshoot this ? Are there any relevant logs I can look into ? I even restarted JBoss but it did not help.
I can see that the entry exists in mgmt-users.properties.
adminuser=e6f48b3bbae149b83f233b4351242604
Related
I had JBoss installed a while ago so I eventually forgot the password and username used for managing it (I mean the management console on port 9990).
I tried to reset the password by running the add-user.sh script but messed it up and now every user I add is created in the admin realm:
Enter the details of the new user to add.
Using realm 'admin' as discovered from the existing property files.
I do not need this realm, I just need the admin user to manage JBoss (presumably, this is the Management realm).
I tried to do the following:
Removed the admin line from mgmt-users.properties and mgmt-groups.properties in the standalone/configuration and domain/configuration
Tried to find the 'admin' realm in standalone.xml and standalone-full.xml but to no avail.
My question is how to create/reset the password of admin in the Management at last?
Also, where can I find the existing property files that JBoss mentions and override it to make it use the Management realm instead?
Had to reinstall JBoss and the problem gone.
I was trying to install ws02 API manger and this error appeared but I do not know how to fix it or what that means, can someone tell me what I did wrong. Thanks in advance.
When starting API Manager, it will add an admin user to the configured data store. As per the error logs, there is already an admin user which exists in the data store. Thus, Remove that admin user and restart the server. If you want that previously created admin user together with this new admin user then perform the below-mentioned configurations in APIM_HOME/repository/conf/deployment.toml. Here you are changing the default admin username to a new username as admin is already existing in the DB.
[super_admin]
username = "admin_new"
password = "admin_new"
create_admin_account = true
I have a Keycloak server configured with two User Storage Providers: one for querying a LDAP server (using the SPI already implemented in Keycloak) and another which looks into a client's DB with users info (this is a custom Keycloak's extension programmed in Java).
Both of them works fine: I ask Keycloak to validate credentials of one user registered in LDAP and it works as expected for the pair user/password. The same happens when the user is registered in the client's DB.
The problem arise when the user is defined (with different passwords) in both the LDAP and the client's DB: Keycloak looks for the user name in one of them (the DB for example) and founds it. Then try to validate the password and fails giving Keycloak the result '401 Unauthorized' and not trying to validate the password on the LDAP.
Is there a way to make Keycloak to search the user in every User Storage Provider althought any of them fails to validate the user?
I have an application that connects to integrity through the java mks api. To test the application functionalities I hardcoded the user and the password for my computer, but now after testing I want to make the app generic so more users can use it.
Normally, each user has a user (this information I can get it from ENV) and a password configured in the Integrity interface. Is there a possibility to tell the mksapi to get the password from those preferences?
There is no option to get the password from Client preferences.
You don't need to have the password if the connection already exist and you are using localintegration.
e.g.
si projects --hostname={SI_HOST} --port={SI_PORT} --user={USERNAME}
The previous command will work without password if there is an active connection for the provided info: {USERNAME}#{SI_HOST}:{SI_PORT}
Another option is to use a user with impersonate permission.
if you cannot use any of this option, the only way is to prompt the user for a password.
I have a WSO2 Identiy server installed and i have written some java code to get user information with oauth 2. For this I am using OLTU. I have connected correctly and after negotiating the access_code, I ask for the userinfo endpoint like this:
https://<serverIP>:9443/oauth2/userinfo?schema=openid
I get user info correctly in JSON format:
{"email":"xxxx#xxx.aa","name":"xxx","family_name":"xx","preferred_username":"xxx","given_name":"xx"}
What I find is that no role information is returned. I have created some custom roles and asigned the users. They don't have any permisions asigned.
Do I have to configure anything in the server? The request has to be made in any other way? What am I doing wrong?
There are two ways to add this claim mapping. It's depends on your requirement.
To get this done has to add a role claim mapping under "http://wso2.org/oidc/claim" claim dialect. This can be done in following ways
Case 1 : For fresh WSO2IS before first startup
Go to <IS_HOME>/repository/conf/claim-config.xml file<br/>
Add following configuration under <Dialect dialectURI="http://wso2.org/oidc/claim"><br/>
<Claim>
<ClaimURI>Roles</ClaimURI>
<DisplayName>Roles</DisplayName>
<AttributeID>role</AttributeID>
<Description>role of the user</Description>
<DisplayOrder>10</DisplayOrder>
<SupportedByDefault />
</Claim>
Case 2: For already running server.
Login to the Identity server management console as admin user.
Click the Configure button to access the Configure menu
Click on http://wso2.org/oidc/claim Dialect.
Click on "Add New Claim Mapping" and set the above details.
(There you will get an error which is known issues. But that value will store. Then again edit it and set Mapped Attribute again)
Then restart the server. Now you can get user info with roles