125 lines
5.1 KiB
XML
Executable File
125 lines
5.1 KiB
XML
Executable File
<?xml version='1.0' encoding='UTF-8'?>
|
|
|
|
<!--
|
|
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
|
~ and other contributors as indicated by the @author tags.
|
|
~
|
|
~ Licensed under the Apache License, Version 2.0 (the "License");
|
|
~ you may not use this file except in compliance with the License.
|
|
~ You may obtain a copy of the License at
|
|
~
|
|
~ http://www.apache.org/licenses/LICENSE-2.0
|
|
~
|
|
~ Unless required by applicable law or agreed to in writing, software
|
|
~ distributed under the License is distributed on an "AS IS" BASIS,
|
|
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
~ See the License for the specific language governing permissions and
|
|
~ limitations under the License.
|
|
-->
|
|
|
|
<host xmlns="urn:jboss:domain:15.0">
|
|
<extensions>
|
|
<?EXTENSIONS?>
|
|
</extensions>
|
|
|
|
<management>
|
|
<security-realms>
|
|
<security-realm name="ManagementRealm">
|
|
<server-identities>
|
|
<!-- Replace this with either a base64 password of your own, or use a vault with a vault expression -->
|
|
<secret value="c2xhdmVfdXMzcl9wYXNzd29yZA=="/>
|
|
</server-identities>
|
|
|
|
<authentication>
|
|
<local default-user="$local" skip-group-loading="true"/>
|
|
<properties path="mgmt-users.properties" relative-to="jboss.domain.config.dir"/>
|
|
</authentication>
|
|
<authorization map-groups-to-roles="false">
|
|
<properties path="mgmt-groups.properties" relative-to="jboss.domain.config.dir"/>
|
|
</authorization>
|
|
</security-realm>
|
|
<security-realm name="ApplicationRealm">
|
|
<server-identities>
|
|
<ssl>
|
|
<keystore path="application.keystore" relative-to="jboss.domain.config.dir" keystore-password="password" alias="server" key-password="password" generate-self-signed-certificate-host="localhost"/>
|
|
</ssl>
|
|
</server-identities>
|
|
<authentication>
|
|
<local default-user="$local" allowed-users="*" skip-group-loading="true"/>
|
|
<properties path="application-users.properties" relative-to="jboss.domain.config.dir"/>
|
|
</authentication>
|
|
<authorization>
|
|
<properties path="application-roles.properties" relative-to="jboss.domain.config.dir"/>
|
|
</authorization>
|
|
</security-realm>
|
|
</security-realms>
|
|
<audit-log>
|
|
<formatters>
|
|
<json-formatter name="json-formatter"/>
|
|
</formatters>
|
|
<handlers>
|
|
<file-handler name="host-file" formatter="json-formatter" path="audit-log.log" relative-to="jboss.domain.data.dir"/>
|
|
<file-handler name="server-file" formatter="json-formatter" path="audit-log.log" relative-to="jboss.server.data.dir"/>
|
|
</handlers>
|
|
<logger log-boot="true" log-read-only="false" enabled="false">
|
|
<handlers>
|
|
<handler name="host-file"/>
|
|
</handlers>
|
|
</logger>
|
|
<server-logger log-boot="true" log-read-only="false" enabled="false">
|
|
<handlers>
|
|
<handler name="server-file"/>
|
|
</handlers>
|
|
</server-logger>
|
|
</audit-log>
|
|
<management-interfaces>
|
|
<native-interface security-realm="ManagementRealm">
|
|
<socket interface="management" port="${jboss.management.native.port:3456}"/>
|
|
</native-interface>
|
|
</management-interfaces>
|
|
</management>
|
|
|
|
<domain-controller>
|
|
<remote username="$local" security-realm="ManagementRealm">
|
|
<discovery-options>
|
|
<static-discovery name="primary" protocol="${jboss.domain.master.protocol:remote}" host="${jboss.domain.master.address:127.0.0.1}" port="${jboss.domain.master.port:9999}"/>
|
|
</discovery-options>
|
|
</remote>
|
|
</domain-controller>
|
|
|
|
<interfaces>
|
|
<interface name="management">
|
|
<inet-address value="${jboss.bind.address.management:127.0.0.1}"/>
|
|
</interface>
|
|
<interface name="public">
|
|
<inet-address value="${jboss.bind.address:127.0.0.1}"/>
|
|
</interface>
|
|
|
|
<?INTERFACES?>
|
|
|
|
</interfaces>
|
|
|
|
<jvms>
|
|
<jvm name="default">
|
|
<heap size="64m" max-size="256m"/>
|
|
<jvm-options>
|
|
<option value="-server"/>
|
|
<option value="-XX:MetaspaceSize=96m"/>
|
|
<option value="-XX:MaxMetaspaceSize=256m"/>
|
|
</jvm-options>
|
|
</jvm>
|
|
</jvms>
|
|
|
|
<servers>
|
|
<server name="server-two" group="auth-server-group" auto-start="true">
|
|
<!-- server-two avoids port conflicts by incrementing the ports in
|
|
the default socket-group declared in the server-group -->
|
|
<socket-bindings port-offset="250"/>
|
|
</server>
|
|
</servers>
|
|
|
|
<profile>
|
|
<?SUBSYSTEMS socket-binding-group="standard-sockets"?>
|
|
</profile>
|
|
</host>
|