Change in ovirt-engine[master]: core: Custom jboss login plugin module for JMX

Moti Asayag has submitted this change and it was merged. Change subject: core: Custom jboss login plugin module for JMX ...................................................................... core: Custom jboss login plugin module for JMX This plugin will enable us to authenticate engine admin users into Jboss's JMX interface. We can either invoke then the jbosscli.sh or jconsole or whatever tool that uses JMX and needs authentication. - only superusers can login - only 127.0.0.1 is exposed - failed login fails noisely - there is no proper error printed to the screen USAGE: $JBOSS_HOME/bin/jboss-cli.sh \ --controller=127.0.0.1:8706 --connect --user=admin@internal COMMAND if COMMAND is missing it enters interactive mode. Examples of COMMANDs: - increase bll log level to debug: /subsystem=logging/logger=org.ovirt.engine.core.bll:write-attribute(name=level,value=DEBUG)" - add logger /subsystem=logging/logger=org.ovirt.engine:add - get the engine data-source statistics: ls /subsystem=datasources/data-source=ENGINEDataSource/statistics=jdbc - get Threading info ls /core-service=platform-mbean/type=threading/ [1] Jboss custom login modules: https://docs.jboss.org/author/display/AS71/Security+Realms [2] CLI recepies - https://docs.jboss.org/author/display/WFLY8/CLI+Recipes Change-Id: I0e504c9b429f7fe02d42b0170e6e3a08b801efae Signed-off-by: Roy Golan <rgolan(a)redhat.com&gt; Signed-off-by: Alon Bar-Lev <alonbl(a)redhat.com&gt; --- A backend/manager/modules/auth-plugin/pom.xml A backend/manager/modules/auth-plugin/src/main/java/org/ovirt/engine/core/jboss_auth_plugin/OvirtAuthPlugIn.java A backend/manager/modules/auth-plugin/src/main/java/org/ovirt/engine/core/jboss_auth_plugin/OvirtAuthPlugInProvider.java A backend/manager/modules/auth-plugin/src/main/modules/org/ovirt/engine/core/auth-plugin/main/module.xml A backend/manager/modules/auth-plugin/src/main/resources/META-INF/services/org.jboss.as.domain.management.plugin.PlugInProvider A backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/isUserApplicationContainerManagerQuery.java M backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/queries/VdcQueryType.java M backend/manager/modules/pom.xml M packaging/services/ovirt-engine/ovirt-engine.xml.in 9 files changed, 197 insertions(+), 2 deletions(-) Approvals: Alon Bar-Lev: Verified; Looks good to me, but someone else must approve Jenkins CI: Passed CI tests Omer Frenkel: Looks good to me, but someone else must approve Moti Asayag: Looks good to me, approved -- To view, visit https://gerrit.ovirt.org/29693 To unsubscribe, visit https://gerrit.ovirt.org/settings Gerrit-MessageType: merged Gerrit-Change-Id: I0e504c9b429f7fe02d42b0170e6e3a08b801efae Gerrit-PatchSet: 21 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Roy Golan <rgolan(a)redhat.com&gt; Gerrit-Reviewer: Alon Bar-Lev <alonbl(a)redhat.com&gt; Gerrit-Reviewer: Jenkins CI Gerrit-Reviewer: Moti Asayag <masayag(a)redhat.com&gt; Gerrit-Reviewer: Omer Frenkel <ofrenkel(a)redhat.com&gt; Gerrit-Reviewer: Oved Ourfali <oourfali(a)redhat.com&gt; Gerrit-Reviewer: Piotr Kliczewski <piotr.kliczewski(a)gmail.com&gt; Gerrit-Reviewer: Ravi Nori <rnori(a)redhat.com&gt; Gerrit-Reviewer: Roman Mohr <rmohr(a)redhat.com&gt; Gerrit-Reviewer: Roy Golan <rgolan(a)redhat.com&gt; Gerrit-Reviewer: automation(a)ovirt.org