I have deployed a Kie Server 7.5.0 over a Wildfly 10, I can enter the login page of the Kie workbench, but I haven't been able to find out which is the default admin user or how to add my own one. I see Wildfly has an add_user script and an access management in its console, but I don't know if this is the way to enable access to Kie and how to proceed.
Do I have to specify a boot parameter in Wildfly with -D or something? How can I enable a user to access Kie Server.
Thanks in advance.
Kie-server.war uses applicationRelam for authentication and authorization. You can create ApplicationRelam user using /bin/add-user.sh script. You can use below command:
$JBOSS_HOME/bin/add-user.sh -a User1 admin#123 -g admin,kie-server
Related
I am trying to configure keycloak to run with PostgreSQL (using Azure Database for PostgreSQL) using a docker container. I was able to do this as instructed in the keycloak documentation here.
The problem that I am facing is, Azure Database for PostgreSQL has this option "Enforce SSL connection" set to "Enable" by default and the keycloak server is not working with that. It throws following error at the server startup.
ERROR [org.jboss.msc.service.fail] (ServerService Thread Pool -- 49) MSC000001: Failed to start service jboss.undertow.deployment.default-server.default-host./auth:
Caused by: org.postgresql.util.PSQLException: FATAL: SSL connection is required. Please specify SSL options and retry.
If the option "Enforce SSL connection" is disabled it worked fine.
I would like to know how to specify this option to work with keycloak.
I am using a custom Dockerfile to download and boot keycloak server and passing the data-source parameters as environmental variables with the docker run command. I have tried this approach which worked fine when I point it to my PostgreSQL data-source without any modifications. But when I change it to be compatible with my own Dockerfile it gives the same error.
Thanks in advance.
so here's what I did.
I overlooked the latest Dockerfile shared by jboss (which is available here) and adopted the lines that I needed with the version of my requirement. Earlier I was trying to add postgreSQL configuration by my own as keycloak document was suggesting. Since it is now supported out of the box I changed my Dockerfile to be compatible with jboss Dockerfile for keycloak.
Also I introduced new env. variable to enforce SSL connection by stating ssl=true as guided here
FATAL: SSL connection is required. Please specify SSL options and retry.
I've seen this happen when the client IP address isn't included in the firewall rules on the PostgreSQL server. Try confirming the firewall is open for your IP in the Connection Security page in the portal or in the Azure CLI using az postgres server firewall-rule list --resource-group --server-name
I have started server using fuse_home/bin/start. Server is appearing as started but not able to access Admin console.
It is showing hawtio screen instead.
Appreciate any direction.
Try creating a fabric first, by using the fabric:create command.
Fuse can be started in two ways one is using ./fuse script from bin dir
Another starting in background ./start and connect using ./client
./client connect to running fuse karaf console
[kkakarla#kkakarla bin]$ ./start
[kkakarla#kkakarla bin]$ ./status
Running ...
[kkakarla#kkakarla bin]$ ./client
Logging in as admin
Open a browser to http://localhost:8181 to access the management console
Create a new Fabric via 'fabric:create'
or join an existing Fabric via 'fabric:join [someUrls]'
Hit '' or 'osgi:shutdown' to shutdown JBoss Fuse.
JBossFuse:admin#root>
Please make sure you uncommented last line user.properties file before starting the fuse server. Fuse provides access to fuse management console using HOWTIO. Since you are starting fuse by using /.start you may not be able to create fabric directly until you connect to client, in that case you can connect to fuse server using SSH #localhost -p8101, then you can run fabric: create. Otherwise you can /.stop the server and start using ./fuse or ./karaf then you can run fabric commands directly. If still issue not resolved we have to check logs.
I want to change the password to an specific user of a james server.
Thanks
You can connect to James Remote Administration Tool via Telnet
telnet <ip> 4555
The default credentials are login: root password: root
Once connected, simply run this command:
setpassword [username] [password]
Better : using the commandline client provided by the project.
It use JMX under the hood. The CLI is packages with every distribution of the server. (you can even execute it via maven from here : https://github.com/apache/james-project/tree/master/server/container/cli)
Then, fnkrm is right, you should go for setpassword.
Alternatively, on 3.0-betax we provide optional admin REST APIs. https://github.com/apache/james-project/tree/master/server/protocols/webadmin . Have a look to the corresponding docker images if interested.
Cheers,
Benoit.
I'm running Wildfly within Docker. I need to add users and set the configuration before the java process is started.
I can run the add-user.sh script to create a simple user:
/wildfly/bin/add-user.sh admin admin --silent
However, I need to create a management user that will be used for authenticating an instance with the managed instance. In the CLI the option is:
"Is this new user going to be used for one AS process to connect to another AS process?", reply yes.
Is there a way to set this option via a parameter in the script?
add-user.sh just adds the user to: mgmt-users.properties
so you can generate this value for yourself pretty easily.
This will give you access to the container
docker exec -it wildfly-instance /bin/bash
I have installed & setup the Rabbitmq on Centos remote server. Later I created an file "rabbitmq.config" and added the line
[{rabbit, [{loopback_users, []}]}]
and then restarted the rabbitmq server. Again tried to login the rabbitmq management web interface from my local machine using the guest credentials, but getting
login failed
error message.What is the proper way to empty the loopback user settings for Rabbitmq in Centos.
First of all connect to your rabbitmq server machine using ssh client so as to be able to run rabbitmqctl (like puTTY) & get into the sbin directory of rabbit installation
you need to create a user for any vhost on that system (here I use default vhost "/")
$ rabbitmqctl add_user yourName yourPass
Set the permissions for that user for default vhost
$ rabbitmqctl set_permissions -p / yourName ".*" ".*" ".*"
Set the administrator tag for this user (to enable him access the management pluggin)
$ rabbitmqctl set_user_tags yourName administrator
... and you are ready to login to your rabbitmq management gui using yourName and yourPass from any browser by pointing it to http://"*********":15672 where ***** is your server IP
hope it helps...
:-)
There is an example config file, on centos do:
cp /usr/share/doc/rabbitmq-server-3.4.2/rabbitmq.config.example /etc/rabbitmq/rabbitmq.config
Find and remove comments (and comma):
{loopback_users, []}
Then, stop rabbitmq:
rabbitmqctl stop
Now start the server:
service rabbitmq-server start
Now user "guest" can access from anywhere.
Since RabbitMQ 3.3.0 there you can't use default guest/guest credentials except via localhost, (see release notes for 3.3.0 for details).
As a possible solution you can (and probably should) create custom secured user to be used for monitoring, management, etc.
Also you can use proxy setup.
P.S.:
if you enabled loopback_users check that proper config loaded (for running NODENAME), it is well-formed (has valid syntax and ended with .), management plugin activated and started and no firewall blocking rules exists.
P.P.S.:
Check that default user is guest, it exists and has default (guest) password. If you use some library to access to RabbitMQ, check that it has the same defaults as remote (guest:guest) or specify them explicitly.