Managing the application server
WildFly provides three different means to configure and manage servers: a web interface, a command-line client, and a set of XML configuration files. No matter what approach you choose, the configuration is always synchronized across the different views and finally persisted to the XML files. After saving the changes using the web interface, you will instantly see an updated XML file in your server's configuration directory.
Managing WildFly 8 with the web interface
The web interface is a Google Web Toolkit (GWT) application, which can be used to manage a standalone or domain WildFly distribution. The GWT application known in JBoss AS 7 has been updated to match the new visual theme. It was also extended with new features, such as role-based security and patching support. By default, it is deployed on a localhost on the 9990 port; the property that controls the port socket binding is jboss.management.http.port, as specified in the server configuration (standalone.xml/domain.xml). The server configuration is given in the following code snippet:
<socket-binding-group name="standard-sockets" default-interface="public">
<socket-binding name="management-http" interface="management" port="${jboss.management.http.port:9990}"/>
. . . . . . . . .
</socket-binding-group>
Note
Wildfly 8 is secured out of the box and the default security mechanism is based on a username or password, making use of HTTP Digest. The reason for securing the server by default is that if the management interfaces are accidentally exposed on a public IP address, authentication is required to connect. For this reason, there is no default user in the distribution.
The users are stored in a properties file called mgmt-users.properties under standalone/configuration or domain/configuration depending on the running mode of the server. This file contains the username information along with a precalculated hash of the username, plus the name of the realm and user's password.
To manipulate the files and add users, the server has provided utilities such as add-user.sh and add-user.bat to add the users and generate hashes. So just execute the script and follow the guided process. This is shown in the following screenshot:
In order to create a new user, you need to provide the following information:
- Type of user: The type of user will be Management User, since it will manage the application server.
- Realm: This must match the realm name used in the configuration, so unless you have changed the configuration to use a different realm name, leave this set to
ManagementRealm. - Username: This is the username of the user you are adding.
- Password: This is the user's password.
- User groups: This is a list of comma-separated groups that should be assigned to the newly created user; they are used for the role-based access control and auditing system, which was introduced in WildFly. The information about user groups is stored in the
mgmt-groups.propertiesfile.
If the validation is successful, you will be asked to confirm whether you want to add the user; only then the properties files will be updated.
The final question (Is this new user going to be used to connect one AS process to another?) can be used to add the slave Host Controllers that authenticate against a master domain controller. This, in turn, requires adding the secret key to your slave host's configuration in order to authenticate with the master domain controller. (For more information about domain configuration, please visit https://docs.jboss.org/author/display/WFLY8/Admin+Guide#AdminGuide-ManagedDomain.)