如何使用 RBAC 提供程序(本地主机)访问 WildFly 管理控制台?
How to access WildFly Admin Console with RBAC provider (localhost)?
从 "simple" 变为 "rbac":
<access-control provider="rbac">
<role-mapping>
<role name="SuperUser">
<include>
<user name="$local" />
</include>
</role>
</role-mapping>
</access-control>
导致以下情况:
{
"outcome" : "failed",
"failure-description" : "WFLYCTL0313: Unauthorized to execute operation 'read-resource' for resource '[]' -- \"WFLYCTL0332:
Permission denied\"",
"rolled-back" : true }
standalone.xml 中还需要哪些其他配置才能正常工作?
解决了问题 - 仅定义 $local 用户是不够的,您实际上需要先添加其他用户,例如:
<access-control provider="rbac">
<role-mapping>
<role name="SuperUser">
<include>
<user name="$local" />
<user name="myAdmin" />
</include>
</role>
<role name="Monitor">
<include>
<user name="myLogs" />
</include>
</role>
</role-mapping>
</access-control>
从 "simple" 变为 "rbac":
<access-control provider="rbac">
<role-mapping>
<role name="SuperUser">
<include>
<user name="$local" />
</include>
</role>
</role-mapping>
</access-control>
导致以下情况:
{ "outcome" : "failed", "failure-description" : "WFLYCTL0313: Unauthorized to execute operation 'read-resource' for resource '[]' -- \"WFLYCTL0332: Permission denied\"", "rolled-back" : true }
standalone.xml 中还需要哪些其他配置才能正常工作?
解决了问题 - 仅定义 $local 用户是不够的,您实际上需要先添加其他用户,例如:
<access-control provider="rbac">
<role-mapping>
<role name="SuperUser">
<include>
<user name="$local" />
<user name="myAdmin" />
</include>
</role>
<role name="Monitor">
<include>
<user name="myLogs" />
</include>
</role>
</role-mapping>
</access-control>