我可以使用Red Hat JBoss EAP 6中的CLI编写server-identityities值吗？

Question

我想知道如何使用CLI 为托管域实例secret value的server-identities属性添加新属性.

在通过命令行添加新用户时,建议将秘密值添加到服务器实例.但是没有很多关于如何做到这一点的信息.我们知道这发生在host-master.xml例如文件中,并且我知道我可以在XML中编辑它.一个例子如下:

  <management>
    <security-realms>
        <security-realm name="ManagementRealm">
            <server-identities>
                  <secret value="superdupersecret" />
            </server-identities>
            <authentication>
                <local default-user="$local" />
                <properties path="mgmt-users.properties" relative-to="jboss.domain.config.dir"/>
            </authentication>
        </security-realm>
        .
        .
        .
</management>

我可以通过read-resource从根运行如下操作来查看节点("shotgun方法"用于管道在运行时传递的所有参数和变量以进行快速搜索).我可以轻松地抓住它.

:read-resource(recursive=true, include-runtime=true) > nameoffile.txt  

这显示了我之后的节点的路径.

"host" => {"master" => {  
        ...snip...
        "core-service" => {  
            "management" => {  
                "ldap-connection" => undefined,  
                "management-interface" => {  
                    "native-interface" => {  
                        "interface" => "management",  
                        "port" => expression "${jboss.management.native.port:9999}",  
                        "security-realm" => "ManagementRealm"  
                    },  
                    "http-interface" => {  
                        "console-enabled" => true,  
                        "interface" => "management",  
                        "port" => expression "${jboss.management.http.port:9990}",  
                        "secure-port" => undefined,  
                        "security-realm" => "ManagementRealm"  
                    }  
                },  
                "security-realm" => {  
                    "ManagementRealm" => {  
                        "authorization" => undefined,  
                        "plug-in" => undefined,  
                        "server-identity" => undefined,  
                        "authentication" => {  
                            "local" => {  
                                "allowed-users" => undefined,  
                                "default-user" => "$local" 

然后我可以cd进入节点,但我不确定这个级别的操作组成是什么.我可以在CLI中编写其他值和属性,但在这个级别我不确定该方法是什么.任何建议赞赏.例如,这些失败了.假设我在编写值之前不需要先添加此属性,并且该节点甚至可以在CLI中编写(任何想法Alexey？).

[domain@localhost:9999 security-realm=ManagementRealm] /host=master/core-service=management/security-realm=ManagementRealm/server-identity/:write(server-identity="new_value")  

和:

[domain@localhost:9999 security-realm=ManagementRealm] /host=master/core-service=management/security-realm=ManagementRealm/:write(server-identity="new_value")  

Answer 1

该EJB安全拦截器项目有一个CLI脚本与此交易.相关部分如下:

/core-service=management/security-realm=ejb-outbound-realm:add    
/core-service=management/security-realm=ejb-outbound-realm/server-identity=secret:add(value="Q29ubmVjdGlvblBhc3N3b3JkMSE=")