Managing roles
JAAS roles can be used by various components. The three management layers (SSH, JMX and WebConsole) all use a global role based authorization system. The default role name is configured in the etc/system.properties using the karaf.local.roles system property and the default value is admin. All users authenticating for the management layer must have this role defined. The syntax for this value is the following:
[classname:]principalWhere classname is the class name of the principal object (defaults to org.apache.karaf.jaas.modules.RolePrincipal) and principal is the name of the principal of that class (defaults to admin). Note that roles can be changed for a given layer using ConfigAdmin in the following configurations:
| Layer | PID | Value |
|---|---|---|
| SSH | org.apache.karaf.shell | sshRole |
| JMX | org.apache.karaf.management | jmxRole |
| Web | org.apache.karaf.webconsole | role |
Did this page help you?
If you find any issues with this page or its content – a typo, a missing step, or a technical error – let us know how we can improve!