JBoss.orgCommunity Documentation
In order to perform any S-RAMP operations (including both read and write operations) a valid user must be authenticated. The specific details regarding how to create and manage the list of allowed users will vary depending on the runtime configuration. This guide will focus on the mechanisms supported by the S-RAMP community installer.
Please note that the installer creates a single user (named admin) during the installation process.
There are several roles that the user must have in order to interact with the S-RAMP repository. These roles are as follows:
if the ModeShape repository name is changed, the above admin.sramp role would need to reflect that change.
By default S-RAMP uses the standard EAP Application Realm configuration as its authentication source. This means that adding users is a simple matter of using the existing EAP add-user script. If you are running on Windows you can use the add-user.bat script. Otherwise run the add-user.sh script. Both of these scripts can be found in EAP’s bin directory.
Here is an example of how to add an S-RAMP user using the add-user.sh script:
[user@host jboss-eap-6.x]$ pwd /home/user/FSW6/jboss-eap-6.x [user@host jboss-eap-6.x]$ ./bin/add-user.sh What type of user do you wish to add? a) Management User (mgmt-users.properties) b) Application User (application-users.properties) (a): b Enter the details of the new user to add. Realm (ApplicationRealm) : ApplicationRealm Username : fitzuser Password : P4SSW0RD! Re-enter Password : P4SSW0RD! What roles do you want this user to belong to? (Please enter a comma separated list, or leave blank for none)[ ]: overlorduser,admin.sramp About to add user 'fitzuser' for realm 'ApplicationRealm' Is this correct yes/no? yes Added user 'fitzuser' to file '/home/user/FSW6/jboss-eap-6.x/standalone/configuration/application-users.properties' Added user 'fitzuser' to file '/home/user/FSW6/jboss-eap-6.x/domain/configuration/application-users.properties' Added user 'fitzuser' with roles overlorduser,admin.sramp to file '/home/user/FSW6/jboss-eap-6.x/standalone/configuration/application-roles.properties' Added user 'fitzuser' with roles overlorduser,admin.sramp to file '/home/user/FSW6/jboss-eap-6.x/domain/configuration/application-roles.properties' Is this new user going to be used for one AS process to connect to another AS process? e.g. for a slave host controller connecting to the master or for a Remoting connection for server to server EJB calls. yes/no? no
When running S-RAMP in JBoss Fuse 6.1, the user credentials are stored in a plain text properties
file in the etc
directory.
#user=password,role1,role2 admin=ADMIN_PASSWORD,overlorduser,admin.sramp
Simply add users to this file and restart Fuse. Make sure you include the necessary roles of overlorduser
and admin.sramp
in any user you create.
When running S-RAMP in Tomcat 7, the source of authentication is an XML configuration file located in Tomcat’s conf directory named tomcat-users.xml. To add another user, simply add a user element to this XML configuration file. For example, adding a user named fitzuser might make the file look like this:
<?xml version="1.0" encoding="UTF-8"?> <tomcat-users> <!-- NOTE: By default, no user is included in the "manager-gui" role required to operate the "/manager/html" web application. If you wish to use this app, you must define such a user - the username and password are arbitrary. --> <role rolename="tomcat"/> <role rolename="overlorduser"/> <role rolename="admin.sramp" /> <user username="admin" password="4dm1n!" roles="tomcat,overlorduser,admin.sramp"/> <user username="fitzuser" password="P4SSW0RD!" roles="tomcat,overlorduser,admin.sramp"/> </tomcat-users>