Host.xml

1. <?xml version='1.0' encoding='UTF-8'?>
2.  
3. <host xmlns="urn:jboss:domain:8.0" name="designer">
4. <extensions>
5. <extension module="org.jboss.as.jmx"/>
6. <extension module="org.wildfly.extension.core-management"/>
7. <extension module="org.wildfly.extension.elytron"/>
8. </extensions>
9. <vault>
10. <vault-option name="KEYSTORE_URL" value="/opt/code/iap-server/test/ComponentTestFramework/plugin/generated/ct-domain/configuration/vault/vault.keystore"/>
11. <vault-option name="KEYSTORE_PASSWORD" value="MASK-hRMy4EcKjRE4nRuKEskjz"/>
12. <vault-option name="KEYSTORE_ALIAS" value="vault"/>
13. <vault-option name="SALT" value="sugarsal"/>
14. <vault-option name="ITERATION_COUNT" value="22"/>
15. <vault-option name="ENC_FILE_DIR" value="/opt/code/iap-server/test/ComponentTestFramework/plugin/generated/ct-domain/configuration/vault"/>
16. </vault>
17. <management>
18. <security-realms>
19. <security-realm name="ManagementRealm">
20. <authentication>
21. <properties path="mgmt-users.properties" relative-to="jboss.domain.config.dir"/>
22. </authentication>
23. </security-realm>
24. <security-realm name="ApplicationRealm">
25. <server-identities>
26. <ssl>
27. <keystore path="application.keystore" relative-to="jboss.domain.config.dir" keystore-password="password" alias="server" key-password="password" generate-self-signed-certificate-host="localhost"/>
28. </ssl>
29. </server-identities>
30. <authentication>
31. <jaas name="other"/>
32. </authentication>
33. </security-realm>
34. <security-realm name="M2MApplicationRealm">
35. <authentication>
36. <jaas name="M2MApplication"/>
37. </authentication>
38. </security-realm>
39. <security-realm name="ProvisioningRealm">
40. <authentication>
41. <jaas name="Provisioning"/>
42. </authentication>
43. </security-realm>
44. <security-realm name="M2MProvisioningRealm">
45. <authentication>
46. <properties path="m2m-provisioning-users.properties" relative-to="jboss.domain.config.dir"/>
47. </authentication>
48. </security-realm>
49. </security-realms>
50. <management-interfaces>
51. <native-interface security-realm="ManagementRealm">
52. <socket interface="oam" port="${jboss.management.native.port:9999}"/>
53. </native-interface>
54. <http-interface security-realm="ManagementRealm">
55. <http-upgrade enabled="true"/>
56. <socket interface="oam" port="${jboss.management.http.port:9990}"/>
57. </http-interface>
58. </management-interfaces>
59. </management>
60. <domain-controller>
61. <local/>
62. </domain-controller>
63. <interfaces>
64. <interface name="oam">
65. <inet-address value="10.0.2.4"/>
66. </interface>
67. </interfaces>
68. <jvms>
69. <jvm name="default">
70. <heap size="1024m" max-size="1024m"/>
71. <jvm-options>
72. <option value="-XX:MetaspaceSize=256"/>
73. <option value="-XX:MaxMetaspaceSize=256"/>
74. <option value="-server"/>
75. </jvm-options>
76. </jvm>
77. </jvms>
78. <servers>
79. <server name="ct-server-1" group="ct-servergroup" auto-start="false">
80. <system-properties>
81. <property name="jboss.tx.node.id" value="tx_ct_server_1"/>
82. </system-properties>
83. <interfaces>
84. <interface name="scontrol">
85. <inet-address value="127.0.0.1"/>
86. </interface>
87. <interface name="oam">
88. <inet-address value="10.0.2.4"/>
89. </interface>
90. <interface name="internal">
91. <inet-address value="127.0.0.1"/>
92. </interface>
93. </interfaces>
94. <jvm name="default">
95. <heap size="1024m" max-size="1024m"/>
96. <jvm-options>
97. <option value="-Djava.util.Arrays.useLegacyMergeSort=true"/>
98. <option value="-Dorg.apache.jasper.compiler.Parser.STRICT_QUOTE_ESCAPING=false"/>
99. <option value="-Dorg.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH=true"/>
100. <option value="-Dorg.apache.catalina.connector.CoyoteAdapter.ALLOW_BACKSLASH=true"/>
101. <option value="-XX:+UseG1GC"/>
102. <option value="-XX:G1HeapRegionSize=8"/>
103. <option value="-XX:MaxGCPauseMillis=250"/>
104. <option value="-XX:G1ReservePercent=30"/>
105. <option value="-XX:+HeapDumpOnOutOfMemoryError"/>
106. <option value="-XX:+UnlockDiagnosticVMOptions"/>
107. <option value="-XX:MaxTenuringThreshold=15"/>
108. <option value="-XX:SurvivorRatio=8"/>
109. <option value="-XX:+DisableExplicitGC"/>
110. <option value="-XX:+UseBiasedLocking"/>
111. <option value="-XX:+AggressiveOpts"/>
112. <option value="-XX:+UseTLAB"/>
113. <option value="-XX:+UseCompressedOops"/>
114. <option value="-XX:MetaspaceSize=1024m"/>
115. <option value="-XX:MaxMetaspaceSize=2048m"/>
116. <option value="-Djboss.bind.address=10.0.2.4"/>
117. <option value="-Djboss.bind.address.management=10.0.2.4"/>
118. <option value="-DMSMW_SCONTROL_HTTP_ADDR=127.0.0.1"/>
119. <option value="-DMSMW_SCONTROL_HTTP_PORT=38080"/>
120. <option value="-DMSMW_OAM_HTTP_ADDR=10.0.2.4"/>
121. <option value="-DMSMW_OAM_HTTP_PORT=8080"/>
122. <option value="-DMSMW_INTERNAL_HTTP_ADDR=127.0.0.1"/>
123. <option value="-DMSMW_INTERNAL_HTTP_PORT=18080"/>
124. <option value="-Djacorb.interop.null_string_encoding=on"/>
125. <option value="-Djacorb.interop.lax_boolean_encoding=on"/>
126. <option value="-Djacorb.retries=0"/>
127. <option value="-Djacorb.retry_interval=500"/>
128. <option value="-Djacorb.connection.client.connect_timeout=30000"/>
129. <option value="-Djacorb.connection.client.pending_reply_timeout=20000"/>
130. <option value="-Djacorb.connection.request.write_timeout=5000"/>
131. <option value="-Xrunjdwp:transport=dt_socket,address=8787,server=y,suspend=n"/>
132. </jvm-options>
133. </jvm>
134. <socket-bindings socket-binding-group="traffic-sockets" port-offset="0"/>
135. </server>
136. </servers>
137. <profile>
138. <subsystem xmlns="urn:jboss:domain:core-management:1.0"/>
139. <subsystem xmlns="urn:wildfly:elytron:4.0" final-providers="combined-providers" disallowed-providers="OracleUcrypto">
140. <providers>
141. <aggregate-providers name="combined-providers">
142. <providers name="elytron"/>
143. <providers name="openssl"/>
144. </aggregate-providers>
145. <provider-loader name="elytron" module="org.wildfly.security.elytron"/>
146. <provider-loader name="openssl" module="org.wildfly.openssl"/>
147. </providers>
148. <audit-logging>
149. <file-audit-log name="local-audit" path="audit.log" relative-to="jboss.domain.log.dir" format="JSON"/>
150. </audit-logging>
151. <security-domains>
152. <security-domain name="ManagementDomain" default-realm="ManagementRealm" permission-mapper="default-permission-mapper">
153. <realm name="ManagementRealm" role-decoder="groups-to-roles"/>
154. <realm name="local" role-mapper="super-user-mapper"/>
155. </security-domain>
156. </security-domains>
157. <security-realms>
158. <identity-realm name="local" identity="$local"/>
159. <properties-realm name="ManagementRealm">
160. <users-properties path="mgmt-users.properties" relative-to="jboss.domain.config.dir" digest-realm-name="ManagementRealm"/>
161. <groups-properties path="mgmt-groups.properties" relative-to="jboss.domain.config.dir"/>
162. </properties-realm>
163. </security-realms>
164. <mappers>
165. <simple-permission-mapper name="default-permission-mapper" mapping-mode="first">
166. <permission-mapping>
167. <principal name="anonymous"/>
168. <permission-set name="default-permissions"/>
169. </permission-mapping>
170. <permission-mapping match-all="true">
171. <permission-set name="login-permission"/>
172. <permission-set name="default-permissions"/>
173. </permission-mapping>
174. </simple-permission-mapper>
175. <constant-realm-mapper name="local" realm-name="local"/>
176. <simple-role-decoder name="groups-to-roles" attribute="groups"/>
177. <constant-role-mapper name="super-user-mapper">
178. <role name="SuperUser"/>
179. </constant-role-mapper>
180. </mappers>
181. <permission-sets>
182. <permission-set name="login-permission">
183. <permission class-name="org.wildfly.security.auth.permission.LoginPermission"/>
184. </permission-set>
185. <permission-set name="default-permissions"/>
186. </permission-sets>
187. <http>
188. <http-authentication-factory name="management-http-authentication" security-domain="ManagementDomain" http-server-mechanism-factory="global">
189. <mechanism-configuration>
190. <mechanism mechanism-name="BASIC">
191. <mechanism-realm realm-name="Management Realm"/>
192. </mechanism>
193. </mechanism-configuration>
194. </http-authentication-factory>
195. <provider-http-server-mechanism-factory name="global"/>
196. </http>
197. <sasl>
198. <sasl-authentication-factory name="management-sasl-authentication" sasl-server-factory="configured" security-domain="ManagementDomain">
199. <mechanism-configuration>
200. <mechanism mechanism-name="JBOSS-LOCAL-USER" realm-mapper="local"/>
201. <mechanism mechanism-name="DIGEST-MD5">
202. <mechanism-realm realm-name="ManagementRealm"/>
203. </mechanism>
204. </mechanism-configuration>
205. </sasl-authentication-factory>
206. <configurable-sasl-server-factory name="configured" sasl-server-factory="elytron">
207. <properties>
208. <property name="wildfly.sasl.local-user.default-user" value="$local"/>
209. </properties>
210. </configurable-sasl-server-factory>
211. <mechanism-provider-filtering-sasl-server-factory name="elytron" sasl-server-factory="global">
212. <filters>
213. <filter provider-name="WildFlyElytron"/>
214. </filters>
215. </mechanism-provider-filtering-sasl-server-factory>
216. <provider-sasl-server-factory name="global"/>
217. </sasl>
218. </subsystem>
219. <subsystem xmlns="urn:jboss:domain:jmx:1.3">
220. <expose-resolved-model/>
221. <expose-expression-model/>
222. <remoting-connector/>
223. </subsystem>
224. </profile>
225. </host>