When issuing the following command on jboss-cli.bat
(an MS-DOS batch file for windows) to create a security realm on WildFly 8.1.0 final as mentioned in this migration guide,
./subsystem=security/security-domain=app:add(cache-type="default")
cd ./subsystem=security/security-domain=app
./authentication=classic:add(
login-modules=[ {
code="Database",
flag="required",
module-options={
dsJndiName="java:/jdbc/project_datasource",
principalsQuery="SELECT password FROM user_role_table WHERE user_id=?",
rolesQuery="SELECT group_id, 'Roles'
FROM group_table gt INNER JOIN user_role_table urt ON gt.user_group_id = urt.user_id
WHERE urt.user_id=?", hashAlgorithm="SHA-256",
hashEncoding="BASE64",
unauthenticatedIdentity="guest"
}
}, {
code="RoleMapping",
flag="required",
module-options={
rolesProperties="file:${jboss.server.config.dir}/app.properties",
replaceRole="false"
}
}
])
I get the following error on the cli prompt :
Node path format is wrong around 'cd.' (index 67)
If cd
is removed, then the following error is reported.
Failed to perform read-opration-description to validate the request:
java.util.concurrent.ExecutionException
: Operation failed
The command is given in a contiguous text format as follows.
./subsystem=security/security-domain=app:add(cache-type="default") cd ./subsystem=security/security-domain=app ./authentication=classic:add(login-modules=[ {code="Database",flag="required",module-options={dsJndiName="java:/jdbc/project_datasource",principalsQuery="SELECT password FROM user_role_table WHERE user_id=?",rolesQuery="SELECT group_id, 'Roles' FROM group_table gt INNER JOIN user_role_table urt ON gt.user_group_id = urt.user_id WHERE urt.user_id=?",hashAlgorithm="SHA-256",hashEncoding="BASE64",unauthenticatedIdentity="guest"}},{code="RoleMapping",flag="required",module-options={rolesProperties="file:${jboss.server.config.dir} /app.properties",replaceRole="false"}}])
What is the fix? I just do not want to copy/past the XML to the configuration file as it might be different from version to version.
The problem is with combining more commands on a single line.
The simple solution for you is to use external file to store the CLI commands.
E.g. create security-domain.cli
file in wildfly-8.1.0.Final/bin
folder with following content (if you want to split a command to more lines, put backslash as a last character):
/subsystem=security/security-domain=app:add(cache-type="default")
/subsystem=security/security-domain=app/authentication=classic:add()
/subsystem=security/security-domain=app/authentication=classic/login-module=Database:add( \
code="Database", \
flag="required", \
module-options=[ \
("dsJndiName"=>"java:/jdbc/project_datasource"), \
("principalsQuery"=>"SELECT password FROM user_role_table WHERE user_id=?"), \
("rolesQuery"=>"SELECT group_id, 'Roles' FROM group_table gt INNER JOIN user_role_table urt ON gt.user_group_id = urt.user_id WHERE urt.user_id=?"), \
("hashAlgorithm"=>"SHA-256"), \
("hashEncoding"=>"BASE64"), \
("unauthenticatedIdentity"=>"guest") \
])
/subsystem=security/security-domain=app/authentication=classic/login-module=RoleMapping:add( \
code="RoleMapping", \
flag="required", \
module-options=[ \
("rolesProperties"=>"file:${jboss.server.config.dir}/app.properties"), \
("replaceRole"=>"false") \
])
(Your sample contains old style of setting login modules. It's a deprecated way now, so the example usage the new way.)
Run the new file with JBoss CLI tool:
jboss-cli.bat -c --file=security-domain.cli