Change in ovirt-engine[master]: core: Custom jboss login plugin module for JMX
masayag at redhat.com
masayag at redhat.com
Sun Aug 2 06:52:06 UTC 2015
Moti Asayag has submitted this change and it was merged.
Change subject: core: Custom jboss login plugin module for JMX
......................................................................
core: Custom jboss login plugin module for JMX
This plugin will enable us to authenticate engine admin users into
Jboss's JMX interface. We can either invoke then the jbosscli.sh or
jconsole or whatever tool that uses JMX and needs authentication.
- only superusers can login
- only 127.0.0.1 is exposed
- failed login fails noisely - there is no proper error printed to the
screen
USAGE:
$JBOSS_HOME/bin/jboss-cli.sh \
--controller=127.0.0.1:8706 --connect --user=admin at internal COMMAND
if COMMAND is missing it enters interactive mode.
Examples of COMMANDs:
- increase bll log level to debug:
/subsystem=logging/logger=org.ovirt.engine.core.bll:write-attribute(name=level,value=DEBUG)"
- add logger
/subsystem=logging/logger=org.ovirt.engine:add
- get the engine data-source statistics:
ls /subsystem=datasources/data-source=ENGINEDataSource/statistics=jdbc
- get Threading info
ls /core-service=platform-mbean/type=threading/
[1] Jboss custom login modules: https://docs.jboss.org/author/display/AS71/Security+Realms
[2] CLI recepies - https://docs.jboss.org/author/display/WFLY8/CLI+Recipes
Change-Id: I0e504c9b429f7fe02d42b0170e6e3a08b801efae
Signed-off-by: Roy Golan <rgolan at redhat.com>
Signed-off-by: Alon Bar-Lev <alonbl at redhat.com>
---
A backend/manager/modules/auth-plugin/pom.xml
A backend/manager/modules/auth-plugin/src/main/java/org/ovirt/engine/core/jboss_auth_plugin/OvirtAuthPlugIn.java
A backend/manager/modules/auth-plugin/src/main/java/org/ovirt/engine/core/jboss_auth_plugin/OvirtAuthPlugInProvider.java
A backend/manager/modules/auth-plugin/src/main/modules/org/ovirt/engine/core/auth-plugin/main/module.xml
A backend/manager/modules/auth-plugin/src/main/resources/META-INF/services/org.jboss.as.domain.management.plugin.PlugInProvider
A backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/isUserApplicationContainerManagerQuery.java
M backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/queries/VdcQueryType.java
M backend/manager/modules/pom.xml
M packaging/services/ovirt-engine/ovirt-engine.xml.in
9 files changed, 197 insertions(+), 2 deletions(-)
Approvals:
Alon Bar-Lev: Verified; Looks good to me, but someone else must approve
Jenkins CI: Passed CI tests
Omer Frenkel: Looks good to me, but someone else must approve
Moti Asayag: Looks good to me, approved
--
To view, visit https://gerrit.ovirt.org/29693
To unsubscribe, visit https://gerrit.ovirt.org/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: I0e504c9b429f7fe02d42b0170e6e3a08b801efae
Gerrit-PatchSet: 21
Gerrit-Project: ovirt-engine
Gerrit-Branch: master
Gerrit-Owner: Roy Golan <rgolan at redhat.com>
Gerrit-Reviewer: Alon Bar-Lev <alonbl at redhat.com>
Gerrit-Reviewer: Jenkins CI
Gerrit-Reviewer: Moti Asayag <masayag at redhat.com>
Gerrit-Reviewer: Omer Frenkel <ofrenkel at redhat.com>
Gerrit-Reviewer: Oved Ourfali <oourfali at redhat.com>
Gerrit-Reviewer: Piotr Kliczewski <piotr.kliczewski at gmail.com>
Gerrit-Reviewer: Ravi Nori <rnori at redhat.com>
Gerrit-Reviewer: Roman Mohr <rmohr at redhat.com>
Gerrit-Reviewer: Roy Golan <rgolan at redhat.com>
Gerrit-Reviewer: automation at ovirt.org
More information about the Engine-commits
mailing list