[ "
\n

Access Control

\n The access control definitions grant or restrict access to the management operations.\n\n

Common Configuration Tasks

\n \n
", "
\n

Messaging (ActiveMQ)

\n The Messaging subsystem allows you to configure connections, destinations, clustering, and general settings for messaging providers.\n
", "

Administrator

The Administrator role has unrestricted access to all resources and operations on the server except the audit logging system. The Administrator role has access to sensitive data and operations. This role can also configure the access control system. The Administrator role is only required when handling sensitive data or configuring users and roles. Administrators cannot access the audit logging system and cannot change themselves to the Auditor or SuperUser role.

", "
\n\n

Assignment

\n

A user is considered to be assigned to a role if:

\n
    \n
  1. The user is:\n
      \n
    • listed as a user to be included in the role, or
      • \n
    • a member of a group that is listed to be included in the role.
      • \n
    \n
    2. \n
  2. The user is not:\n
      \n
    • listed as a user to exclude from the role, or
      • \n
    • a member of a group that is listed to be excluded from the role.
      • \n
    \n
    3. \n
\n

Exclusions take priority over inclusions.

\n
", "

Auditor

The Auditor role has all the permissions of the Monitor role and can also view (but not modify) sensitive data, and has full access to the audit logging system. The Auditor role is the only role other than SuperUser that can access the audit logging system. Auditors cannot modify sensitive data or resources. Only read access is permitted.

", "
\n

Batch Subsystem

\n The Batch subsystem allows to configure the settings for bulk-oriented, non-interactive, background execution of jobs.\n
", "

Infinispan

The Infinispan subsystem allows you to configure the local, invalidation, distributed, and replicated caches for Infinispan cache containers.
\n", "
\n

Content Repository

\n

Manage all deployments that have been uploaded to the domain.

\n

Upload a new deployment or create an unmanaged deployment. Assign deployments to server groups or remove deployments.

\n
", "

Deployer

The Deployer role has the same permissions as the Monitor, but can modify configuration and state for deployments and any other resource type enabled as an application resource.

", "

Deployment Scanner

An individual deployment scanner that scans a particular location.
\n", "
\n\n

Deployment

\n A deployment represents anything that can be deployed (e.g. an application such as EJB-JAR, WAR, EAR, any kind of standard archive such as RAR or JBoss-specific deployment) into a server.\n\n

Common Configuration Tasks

\n Deploy and manage applications and other EE resources.\n
", "

Datasources

The Datasource subsystem allows you to create and configure datasources and manage JDBC database drivers.
", "

EE

The EE subsystem allows you to configure common functionality in the Java EE platform, such as defining global modules, enabling descriptor-based property replacement, and configuring default bindings.
\n", "

EJB 3

The EJB3 sybsystem allows you to configure Enterprise JavaBeans (EJB) including Session, Message-Driven, and Entity beans.
\n", "
\n\n

Groups

\n

Manage groups and the roles assigned to each group.

\n\n
", "

HTTP

The general configuration for the HTTP subsystem.
", "
\n

IIOP OpenJDK

\n The IIOP subsystem allows you to configure CORBA services for JTS transactions and other ORB services.\n
", "\n
\n\n

Interfaces

\n A logical name for a network interface/IP address/host name to which sockets can be bound. The domain.xml, host.xml and standalone.xml configurations all include a section where interfaces can be declared. Other sections of the configuration can then reference those interfaces by their logical name, rather than having to include the full details of the interface (which may vary on different machines).\n

\n An interface configuration includes the logical name of the interface as well as information specifying the criteria to use for resolving the actual physical address to use.\n

\n See Interfaces and ports for further details.\n\n

", "
\n

IO Subsystem

\n The IO subsystem allows you to define workers and buffer pools to be used by other subsystems.\n
", "

JacORB

The JacORB subsystem allows you to enable configure the CORBA services for JTS transactions and other ORB services.
", "

JCA

The JCA (Java EE Connector Architecture) subsystem allows you to configure the general settings for the JCA container and resource adapter deployments.
", "
\n

JGroups

\n Group communication protocol stack configuration.\n
", "

JMX

The JMX (Java Management Extensions) subsystem allows you to configure remote connectors, the model controller in the MBeanServer, and management audit logging.
\n", "

JPA

The JPA (Java Persistence API) subsystem manages the JPA 2.0 container-managed requirements and allows you to deploy persistent unit definitions, annotations, and desriptors.
\n", "
\n

JSP / Servlet

\n Configuration for JSP and servlet related settings.\n
", "

Logging

The Logging subsystem, which also supports several third-party logging frameworks, allows you to configure log categories and handlers for the server and for application deployments.
\n", "

Mail

The Mail subsystem allows you to configure standard mail server attributes and define custom mail transports.
", "
\n

Mail Sessions

\n The Mail subsystem allows you to configure standard mail server attributes and define custom mail transports.\n
", "

Maintainer

The Maintainer role has access to view and modify runtime state and all configuration except sensitive data and operations. The Maintainer role is the general purpose role that doesn’t have access to sensitive data and operation. The Maintainer role allows users to be granted almost complete access to administer the server without giving those users access to passwords and other sensitive information. Maintainers cannot access sensitive data or operations.

", "
\n\n

Membership

\n

A user is considered to be assigned to a role if:

\n
    \n
  1. The user is:\n
      \n
    • listed as a user to be included in the role, or
      • \n
    • a member of a group that is listed to be included in the role.
      • \n
    \n
    2. \n
  2. The user is not:\n
      \n
    • listed as a user to exclude from the role, or
      • \n
    • a member of a group that is listed to be excluded from the role.
      • \n
    \n
    3. \n
\n

Exclusions take priority over inclusions.

\n
", "
\n

Messaging Provider

\n

A messaging provider represents an ActiveMQ server instance.

\n\n

Queues / Topics

\n

Create queues and topics which are used by this messaging provider.

\n\n

Connections

\n

Manage acceptors which define how and connections can be made to the messaging provider.

\n

Create bridges, which consume messages from a source queue, and forward them to a target address, typically on a different server.

\n\n

Clustering

\n

Define broadcast and discovery groups which control how connectors are handled and distributed by this provider.

\n

Manage cluster connections to group servers into clusters so that messages can be load balanced between the nodes of the cluster.

\n\n

Provider settings

\n

Fine tune the settings of this messaging provider.

\n
", "
\n

ModCluster Subsystem

\n The configuration of the modcluster subsystem.\n
", "

Monitor

Users of the Monitor role have the fewest permissions and can only read the current configuration and state of the server. This role is intended for users who need to track and report on the performance of the server. Monitors cannot modify server configuration nor can they access sensitive data or operations.

", "

Operator

The Operator role extends the Monitor role by adding the ability to modify the runtime state of the server. This means that Operators can reload and shutdown the server as well as pause and resume JMS destinations. The Operator role is ideal for users who are responsible for the physical or virtual hosts of the application server so they can ensure that servers can be shutdown and restarted corrected when needed. Operators cannot modify server configuration or access sensitive data or operations.

", "\n
\n\n

Paths

\n A logical name for a filesystem path. The domain.xml, host.xml and standalone.xml configurations all include a section where paths can be declared.\n Other sections of the configuration can then reference those paths by their logical name, rather than having to include the full details of the path (which may vary on different machines). For example, the logging subsystem configuration includes a reference to the \\\"jboss.server.log.dir\\\" path that points to the server's \\\"log\\\" directory.\n\n
", "

PicketLink Federations

\n

When using the PicketLink subsystem to configure and deploy your identity providers and service providers, all of them are grouped in a Federation.

\n

A Federation can be understood as a Circle of Trust (CoT) from which applications share common configurations (certificates, saml specific configurations, etc) and where each participating domain is trusted to accurately document the processes used to identify a user, the type of authentication system used, and any policies associated with the resulting authentication credentials.

\n

Each federation has one Identity Provider and many Service Providers. You do not need to specify for each SP the IDP that it trusts, because this is defined by the federation.

\n
", "
\n\n

Configuration

\n The overall system configuration. Gives access to the server configuration.\n\n

Common Configuration Tasks

\n Configure subsystems, interfaces and socket bindings.\n\n

Related Links

\n \n
", "
\n\n

Configuration

\n The overall system configuration. Gives access to the main configuration profiles that can be applied to server groups.\n\n

Common Configuration Tasks

\n Configure subsystems, interfaces and socket bindings.\n\n

Related Links

\n \n
", "
\n\n

Profiles

\n

A profile is a named set of subsystem configurations. A subsystem is a set of capabilities added to the core server by an extension. Subsystems provide capabilities like servlet handling capabilities, an EJB container, JTA, etc.

\n

A profile is a named list of subsystems, along with the details of each subsystem's configuration. A profile with a large number of subsystems results in a server with a large set of capabilities. A profile with a small, focused set of subsystems will have fewer capabilities but a smaller footprint.

\n
", "\n
\n\n

System Properties

\n These properties are available throughout the configuration. The Boot-Time flag specifies if a property should be passed into the JVM start (-Dproperty=value)\n
", "

Resource Adapter

The Resource Adapter subsystem allows you to configure and deploy resource adapters.
", "
\n

Remoting Subsystem

\n The Remoting subsystem allows you to configure settings for inbound and outbound connections for remote services.\n
", "
\n\n

Roles

\n

Manage role permissions and membership lists.

\n\n
", "
\n\n

Runtime

\n

Manage hosts, server groups and servers. View and monitor runtime services, like log files, JVM metrics and subsystem specific runtime data.

\n\n

Common Configuration Tasks

\n \n
\n", "
\n\n

Runtime

\n

View and monitor runtime services, like log files, JVM metrics and subsystem specific runtime data.

\n\n

Common Configuration Tasks

\n \n
\n", "
\n

Host Configuration

\n

One of the primary new features of WildFly is the ability to manage multiple WildFly instances from a single control point. A collection of such servers is referred to as the members of a \"domain\" with a single Domain Controller process acting as the central management control point.

\n

All of the WildFly instances in the domain share a common management policy, with the Domain Controller acting to ensure that each server is configured according to that policy. Domains can span multiple physical (or virtual) machines, with all WildFly instances on a given host under the control of a special Host Controller process.

\n

One Host Controller instance is configured to act as the central Domain Controller. The Host Controller on each host interacts with the Domain Controller to control the lifecycle of the application server instances running on its host and to assist the Domain Controller in managing them.

\n

Common Configuration Tasks

\n

Configure network interfaces, JVM settings, and other properties for this host. Manage server instances for this host.

\n
\n", "
\n

Hosts

\n

All hosts that are members of this domain.

\n

In a managed domain, multiple server instances are managed from a single control point. A domain can span multiple physical or virtual machines, with all server instances under the control of a host controller. One host controller is configured to act as the central domain controller. All other host controllers interact with the domain controller to control the configuration and lifecycle of the application server instances.

\n
\n", "
\n

Server Groups

\n

A server group is set of server instances that will be managed and configured as one. In a managed domain each application server instance is a member of a server group (even if the group only has a single server, the server is still a member of a group).

\n

It is the responsibility of the Domain Controller and the Host Controllers to ensure that all servers in a server group have a consistent configuration. They should all be configured with the same profile and they should have the same deployment content deployed.

\n

Common Configuration Tasks

\n

Configure settings for this server group and perform operations such as starting, stopping, and reloading all servers that belong to this server group.

\n
\n", "
\n

Server Groups

\n

All server groups defined for this domain.

\n

A server group is a set of server instances that will be managed and configured as one. In a managed domain, all server instances are members of a server group. All server instances within a server group use the same profile and have the same deployment content.

\n
\n", "

Security Subsystem

The Security subsystem provides the infrastructure for securing applications. Security domains can be configured to expose authentication, authorization, ACL, audit, mapping, and identity trust capabilities.
", "

Security Domains

The Security Domains subsytem allows you to configure settings related to registered security domains. You can configure the attributes and module options.
", "

Server Groups

A server group is set of server instances that will be managed and configured as one. In a managed domain each application server instance is a member of a server group. (Even if the group only has a single server, the server is still a member of a group.) It is the responsibility of the Domain Controller and the Host Controllers to ensure that all servers in a server group have a consistent configuration. They should all be configured with the same profile and they should have the same deployment content deployed.
", "
\n

Server Groups

\n

Manage deployments that have been assigned to one or more server groups.

\n

Upload a new deployment, create an unmanaged deployment, or choose a deployment from the content repository. Enable or unassign deployments.

\n
", "

Servlet/HTTP

The Servlet subsystem allows you to configure the servlet/jsp configuration of the web subsystem.
", "\n
\n\n

Socket Bindings

\n Socket bindings and socket binding groups allow you to define network\n ports and their relationship to the networking interfaces required for\n a configuration profile.\n\n
", "

SuperUser

The SuperUser role has no restrictions and has complete access to all resources and operations of the server including the audit logging system. This role is equivalent to the administrator users of earlier versions. If RBAC is disabled, all management users have permissions equivalent to the SuperUser role.

", "

Threads

The Threads subsystem allows you to create and configure thread pools.
", "

Transactions

The Transaction subsystem allows you to configure Transaction Manager (TM) options such as statistics, timeout values, transaction logging, and whether to use Java Transaction Service (JTS).
\n", "
\n

Unassigned Content

\n

Manage deployments that are not assigned to any server group.

\n

Assign deployments to a server groups or remove deployments. Deployments that have been assigned to one or more server group can be found in the Server Groups section.

\n
", "
\n

Undertow

\n HTTP and AJP connectors. JSP and Servlet configuration options.\n
", "
\n\n

Users

\n

Manage users and the roles assigned to each user.

\n\n
", "

Web Services

The Web Services subsystem allows you to configure the host name, ports, and WSDL address for the Web Services provider.
\n"]