JBoss.orgCommunity Documentation

Chapter 3. User Management

3.1. Overview
3.2. Required Roles
3.3. Adding a User
3.3.1. JBoss EAP 6
3.3.2. JBoss Fuse 6.1
3.3.3. Tomcat 7
3.3.4. Jetty 8

In order to perform any S-RAMP operations (including both read and write operations) a valid user must be authenticated. The specific details regarding how to create and manage the list of allowed users will vary depending on the runtime configuration. This guide will focus on the mechanisms supported by the S-RAMP community installer.


Please note that the installer creates a single user (named admin) during the installation process.

There are several roles that the user must have in order to interact with the S-RAMP repository. These roles are as follows:

  • overlorduser : users must have this role in order to access the S-RAMP user interface (browser)
  • admin.sramp : users must have this role in order to access the S-RAMP repository (both read and write)


if the ModeShape repository name is changed, the above admin.sramp role would need to reflect that change.

By default S-RAMP uses the standard EAP Application Realm configuration as its authentication source. This means that adding users is a simple matter of using the existing EAP add-user script. If you are running on Windows you can use the add-user.bat script. Otherwise run the add-user.sh script. Both of these scripts can be found in EAP’s bin directory.

Here is an example of how to add an S-RAMP user using the add-user.sh script:

[user@host jboss-eap-6.x]$ pwd
[user@host jboss-eap-6.x]$ ./bin/add-user.sh

What type of user do you wish to add?
 a) Management User (mgmt-users.properties)
 b) Application User (application-users.properties)
(a): b

Enter the details of the new user to add.
Realm (ApplicationRealm) : ApplicationRealm
Username : fitzuser
Password : P4SSW0RD!
Re-enter Password : P4SSW0RD!
What roles do you want this user to belong to? (Please enter a comma separated list, or leave blank for none)[  ]: overlorduser,admin.sramp
About to add user 'fitzuser' for realm 'ApplicationRealm'
Is this correct yes/no? yes
Added user 'fitzuser' to file '/home/user/FSW6/jboss-eap-6.x/standalone/configuration/application-users.properties'
Added user 'fitzuser' to file '/home/user/FSW6/jboss-eap-6.x/domain/configuration/application-users.properties'
Added user 'fitzuser' with roles overlorduser,admin.sramp to file '/home/user/FSW6/jboss-eap-6.x/standalone/configuration/application-roles.properties'
Added user 'fitzuser' with roles overlorduser,admin.sramp to file '/home/user/FSW6/jboss-eap-6.x/domain/configuration/application-roles.properties'
Is this new user going to be used for one AS process to connect to another AS process?
e.g. for a slave host controller connecting to the master or for a Remoting connection for server to server EJB calls.
yes/no? no