[ "
\n

Access Control

\n The access control definitions grant or restrict access to the management operations.\n\n

Common Configuration Tasks

\n \n
", "
\n

Messaging (ActiveMQ)

\n Messaging server and queue configurations.\n
", "

Administrator

The Administrator role has unrestricted access to all resources and operations on the server except the audit logging system. The Administrator role has access to sensitive data and operations. This role can also configure the access control system. The Administrator role is only required when handling sensitive data or configuring users and roles. Administrators cannot access the audit logging system and cannot change themselves to the Auditor or SuperUser role.

", "
\n\n

Assignment

\n

A user is considered to be assigned to a role if:

\n
    \n
  1. The user is:\n
      \n
    • listed as a user to be included in the role, or
    • \n
    • a member of a group that is listed to be included in the role.
    • \n
    \n
  2. \n
  3. The user is not:\n
      \n
    • listed as a user to exclude from the role, or
    • \n
    • a member of a group that is listed to be excluded from the role.
    • \n
    \n
  4. \n
\n

Exclusions take priority over inclusions.

\n
", "

Auditor

The Auditor role has all the permissions of the Monitor role and can also view (but not modify) sensitive data, and has full access to the audit logging system. The Auditor role is the only role other than SuperUser that can access the audit logging system. Auditors cannot modify sensitive data or resources. Only read access is permitted.

", "
\n

Batch Subsystem

\n The Batch subsystem allows to configure the settings for bulk-oriented, non-interactive, background execution of jobs.\n
", "
\n

Content Repository

\n

All deployment artifacts uploaded to the domain.

\n
", "

Deployer

The Deployer role has the same permissions as the Monitor, but can modify configuration and state for deployments and any other resource type enabled as an application resource.

", "
\n\n

Deployment

\n A deployment represents anything that can be deployed (e.g. an application such as EJB-JAR, WAR, EAR, any kind of standard archive such as RAR or JBoss-specific deployment) into a server.\n\n

Common Configuration Tasks

\n Deploy and manage applications and other EE resources.\n
", "

Datasources

The Datasource subsystem allows you to create and configure datasources and manage JDBC database drivers.
", "

EE

\"The EE subsystem allows you to configure common functionality in the Java EE platform, such as defining global modules, enabling descriptor-based property replacement, and configuring default bindings.\"
", "

EJB 3

\"The EJB3 sybsystem allows you to configure Enterprise JavaBeans (EJB) including Session, Message-Driven, and Entity beans. \"
", "
\n\n

Groups

\n

The list of known groups.

\n\n
", "

HTTP

\"The HTTP subsystem allows you to configure the HTTP and AJP connectors.\"
", "
\n

IIOP OpenJDK

\n \"The iiop-openjdk subsystem configuration.\"\n
", "\n
\n\n

Interfaces

\n A logical name for a network interface/IP address/host name to which sockets can be bound. The domain.xml, host.xml and standalone.xml configurations all include a section where interfaces can be declared. Other sections of the configuration can then reference those interfaces by their logical name, rather than having to include the full details of the interface (which may vary on different machines).\n

\n An interface configuration includes the logical name of the interface as well as information specifying the criteria to use for resolving the actual physical address to use.\n

\n See Interfaces and ports for further details.\n\n

", "
\n

IO Subsystem

\n Work and buffer pool configurations.\n
", "

JacORB

The JacORB subsystem allows you to enable configure the CORBA services for JTS transactions and other ORB services.
", "

JCA

The JCA (Java EE Connector Architecture) subsystem allows you to configure the general settings for the JCA container and resource adapter deployments.
", "
\n

JGroups

\n Group communication protocol stack configuration.\n
", "

JMX

\"The JMX (Java Management Extensions) subsystem allows you to configure remote connectors, the model controller in the MBeanServer, and management audit logging. \"
", "

JPA

\"The JPA (Java Persistence API) subsystem manages the JPA 2.0 container-managed requirements and allows you to deploy persistent unit definitions, annotations, and desriptors.\"
", "

Logging

\"The Logging subsystem, which also supports several third party logging frameworks, allows you to configure log categories and handlers for the server and for application deployments.\"
", "

Mail

The Mail subsystem allows you to configure standard mail server attributes and define custom mail transports.
", "
\n

Mail Sessions

\n The Mail subsystem allows you to configure standard mail server attributes and define custom mail transports.\n
", "

Maintainer

The Maintainer role has access to view and modify runtime state and all configuration except sensitive data and operations. The Maintainer role is the general purpose role that doesn’t have access to sensitive data and operation. The Maintainer role allows users to be granted almost complete access to administer the server without giving those users access to passwords and other sensitive information. Maintainers cannot access sensitive data or operations.

", "
\n\n

Membership

\n

A user is considered to be assigned to a role if:

\n
    \n
  1. The user is:\n
      \n
    • listed as a user to be included in the role, or
    • \n
    • a member of a group that is listed to be included in the role.
    • \n
    \n
  2. \n
  3. The user is not:\n
      \n
    • listed as a user to exclude from the role, or
    • \n
    • a member of a group that is listed to be excluded from the role.
    • \n
    \n
  4. \n
\n

Exclusions take priority over inclusions.

\n
", "

Monitor

Users of the Monitor role have the fewest permissions and can only read the current configuration and state of the server. This role is intended for users who need to track and report on the performance of the server. Monitors cannot modify server configuration nor can they access sensitive data or operations.

", "

Operator

The Operator role extends the Monitor role by adding the ability to modify the runtime state of the server. This means that Operators can reload and shutdown the server as well as pause and resume JMS destinations. The Operator role is ideal for users who are responsible for the physical or virtual hosts of the application server so they can ensure that servers can be shutdown and restarted corrected when needed. Operators cannot modify server configuration or access sensitive data or operations.

", "\n
\n\n

Paths

\n A logical name for a filesystem path. The domain.xml, host.xml and standalone.xml configurations all include a section where paths can be declared.\n Other sections of the configuration can then reference those paths by their logical name, rather than having to include the full details of the path (which may vary on different machines). For example, the logging subsystem configuration includes a reference to the \\\"jboss.server.log.dir\\\" path that points to the server's \\\"log\\\" directory.\n\n
", "
\n\n

Configuration

\n The overall system configuration. Gives access to the server configuration.\n\n

Common Configuration Tasks

\n Configure subsystems, interfaces and socket bindings.\n\n

Related Links

\n \n
", "
\n\n

Configuration

\n The overall system configuration. Gives access to the main configuration profiles that can be applied to server groups.\n\n

Common Configuration Tasks

\n Configure subsystems, interfaces and socket bindings.\n\n

Related Links

\n \n
", "\n
\n\n

Configuration Profile

\n A profile is a named set of subsystem configurations. A subsystem is an added set of capabilities added to the core server by an extension. A subsystem provides servlet handling capabilities; a subsystem provides an EJB container; a subsystem provides JTA, etc. A profile is a named list of subsystems, along with the details of each subsystem's configuration. A profile with a large number of subsystems results in a server with a large set of capabilities. A profile with a small, focused set of subsystems will have fewer capabilities but a smaller footprint.\n
", "\n
\n\n

System Properties

\n These properties are available throughout the configuration. The Boot-Time flag specifies if a property should be passed into the JVM start (-Dproperty=value)\n
", "

Resource Adapter

The Resource Adapter subsystem allows you to configure and deploy resource adapters.
", "
\n

Remoting Subsystem

\n General remote access configuration for inbound and outbound connections.\n
", "
\n\n

Roles

\n

The list of known roles.

\n\n
", "
\n\n

Runtime

\n Runtime services, like log files, JVM metrics and subsystem specific runtime data.\n\n

Common Configuration Tasks

\n \n\n
", "

Security Subsystem

The Security subsystem allows you to configure settings related to deep copy subjects.
", "

Security Domains

The Security Domains subsytem allows you to configure settings related to registered security domains. You can configure the attributes and module options.
", "

Server Groups

A server group is set of server instances that will be managed and configured as one. In a managed domain each application server instance is a member of a server group. (Even if the group only has a single server, the server is still a member of a group.) It is the responsibility of the Domain Controller and the Host Controllers to ensure that all servers in a server group have a consistent configuration. They should all be configured with the same profile and they should have the same deployment content deployed.
", "

Servlet/HTTP

The Servlet subsystem allows you to configure the servlet/jsp configuration of the web subsystem.
", "\n
\n\n

Socket Bindings

\n Socket bindings and socket binding groups allow you to define network\n ports and their relationship to the networking interfaces required for\n a configuration profile.\n\n
", "

SuperUser

The SuperUser role has no restrictions and has complete access to all resources and operations of the server including the audit logging system. This role is equivalent to the administrator users of earlier versions. If RBAC is disabled, all management users have permissions equivalent to the SuperUser role.

", "

Threads

The Threads subsystem allows you to create and configure thread pools.
", "

Transactions

\"The Transaction subsystem allows you to configure Transaction Manager (TM) options such as statistics, timeout values, transaction logging, and whether to use Java Transaction Service (JTS).\"
", "
\n

Unassigned Content

\n

Uploaded deployment artifacts which are not assigned to any server group.

\n
", "
\n

Undertow

\n HTTP and AJP connectors. JSP and Servlet configuration options.\n
", "
\n\n

Users

\n

The list of known users.

\n\n
", "

Web Services

\"The Web Services subsystem allows you to configure the host name, ports, and WSDL address for the Web Services provider.\"
"]