Creating a new management user in the WildFly JBoss server

The management interfaces in a WilFly JBoss server are secured by default, and hence there is no default user. This is a security precaution, to prevent security breaches from remote systems due to simple configuration errors. Without a user, administrators may not be able to use the web-based Management Console of the WildFly JBoss server. It is therefore mandatory to create an initial administrative user, who will be able to use the web-based Management Console and remote instances of the Management CLI to configure and administer the WildFly JBoss serrver from remote systems. This user can be either the Management user or the Application user. A Management user is added to the ManagementRealm of the WildFly Jboss and is authorized to perform management operations using the web-based management console or the Management CLI. On the other hand, the Application user is added to the ApplicationRealm and this user has no particular permissions and is provided for use with applications. In order to monior the WildFly JBoss server, a user has to be created so that the WildFly JBoss server is accessed through the web-based management console. Therefore it is necessary to add a Management user in the WildFly JBoss server. Let us now discuss the steps on how to add a management user below:

  1. In order to add a user to the WildFly JBoss server, you will require either one of the following files available in the <JBOSS_INSTALL_DIR\bin> location:

    • add-user.sh
    • add-user.bat
  2. Execute the add-user.bat file in case the WildFly JBoss server is installed on a Windows environment and execute the add-user.sh file in case the WildFly JBoss server is installed on a Linux environment.

  3. Once the file is executed, you will be required to choose the type of the user that you wish to add. If you wish to add a Management User specify a or if you wish to add an Application User, specify b as mentioned below.

    What type of user do u wish to add?
    Management User (mgmt-user.properties)
    Application User (application-users.properties)
    (a): a

  4. Specify the credentials of the user that you wish to add. In our example, let us consider the Username as ‘elvis’. Specify the Username and Password accordingly and proceed to step 5.

    Username: elvis
    Password:*****
    Re-enter Password:****

  5. If you wish to associate the user to a group in the WildFly JBoss server installation, then you can provide a comma-separated list of groups or if you do not wish to associate the user to any group, you can do so as shown below:

    What groups do you want this user to belong to? (Please enter a comma separated list, or leave blanck for none):

  6. By default, if the Management User option is chosen, then the user will be added to the ManagementRealm of the WildFly JBoss server. Specify yes to confirm the same so that the user is added to the ManagementRealm.

    About to add user ‘elvis’ for realm ‘ManagementRealm’
    Is this correct yes/no? yes

  7. Now, the user will be added to the mgmt-users.properties and the mgmt-groups.properties of the WildFly JBoss server installation. Then, specify yes if a user of any other WildFly JBoss instance needs to be authenticated to join the cluster as a member. This authentication is a mandatory requirement for a WildFly JBoss cluster setup.

    Is this new server going to be used for one AS process to connect to another AS process? e.g. for a slave host controller connecting to the master or for a Remoting connection for a server to server EJB calls. yes/no? yes

  8. Once you specify yes in Step 7, a secret value will appear which needs to be copied and stored separately for future reference. Whenever a new WildFly JBoss instance is added in a domain, specifying the secret value while configuring the new instance will let the new instance be the slave of the WildFly JBoss installation in a cluster setup i.e., a user will be allowed to communicate with all the associated instances once the secret value is shared.

    To represent the user add the server-identities definition (secret value=”AWEStanW4cmziQ”).

Once the Management User is created, administrators can login to the WildFly JBoss management console and perform management operations extensively.