[ "
\n

Access Control

\n The access control definitions grant or restrict access to management operations.\n\n

Common Configuration Tasks

\n \n
\n", "
\n

Messaging (ActiveMQ)

\n The Messaging (ActiveMQ) subsystem allows you to configure connections, destinations, clustering, and general settings for messaging providers.\n
\n", "

Administrator

The Administrator role has unrestricted access to all resources and operations on the server except the audit logging system. The Administrator role has access to sensitive data and operations. This role can also configure the access control system. The Administrator role is only required when handling sensitive data or configuring users and roles. Administrators cannot change their permissions to Auditor or SuperUser.

\n", "
\n\n

Assignment

\n

A user is considered to be assigned to a role if:

\n
    \n
  1. The user is:\n
      \n
    • listed as a user to be included in the role, or
      • \n
    • a member of a group that is listed to be included in the role.
      • \n
    \n
    2. \n
  2. The user is not:\n
      \n
    • listed as a user to exclude from the role, or
      • \n
    • a member of a group that is listed to be excluded from the role.
      • \n
    \n
    3. \n
\n

Exclusions take priority over inclusions.

\n
", "

Auditor

The Auditor role has all the permissions of the Monitor role and can also view, but not modify, sensitive data. The Auditor role is the only role other than SuperUser that can access the audit logging system. Only read access is permitted.

\n", "
\n

Batch Subsystem

\n The Batch subsystem allows you to configure an environment for running batch applications.\n
\n", "

Infinispan

The Infinispan subsystem allows you to configure the local, invalidation, distributed, and replicated caches for Infinispan cache containers.
\n", "
\n

Content Repository

\n

Manage all deployments that have been uploaded to the domain.

\n

Upload a new deployment or create an unmanaged deployment. Assign deployments to server groups or remove deployments.

\n
", "

Deployer

The Deployer role has the same permissions as the Monitor, but can modify configuration and state for deployments and any other resource type enabled as an application resource.

", "

Deployment Scanners

The Deployment Scanners subsystem allows you to configure deployment scanners that monitor certain locations for applications to deploy.
\n", "
\n\n

Deployment

\n A deployment is anything that can be deployed to a server, such as WAR, EAR, and EJB JAR applications, standard archives, or JBoss-specific deployments.\n\n

Common Configuration Tasks

\n Deploy and manage applications and other Java EE resources.\n
\n", "

Datasources

The Datasource subsystem allows you to create and configure datasources.
\n", "

EE

The EE subsystem allows you to configure common functionality in the Java EE platform, such as defining global modules, enabling descriptor-based property replacement, and configuring default bindings.
\n", "

EJB 3

The EJB 3 subsystem allows you to configure Enterprise JavaBeans (EJBs) including session, message-driven, and entity beans.
\n", "
\n

Factory

\n Elytron settings for factories.\n
\n", "
\n

Mapper / Decoder

\n Elytron settings for\n \n
\n", "
\n

Security Realm

\n Elytron settings for security realms and authentication.\n
\n", "
\n

Other settings

\n Elytron settings for:\n \n
\n", "
\n\n

Groups

\n

Manage groups and the roles assigned to each group.

\n\n
", "

HTTP

General configuration for the Undertow subsystem.
\n", "
\n

IIOP OpenJDK

\n The IIOP subsystem allows you to configure CORBA services for JTS transactions and other ORB services.\n
", "
\n

Interfaces

\n

An interface is a logical name for a network interface, IP address, or host name to which sockets can be bound. Other areas of the configuration can then reference the interface by its logical name instead of providing the full details, which may vary on different machines. An interface configuration also specifies criteria for resolving the actual physical address to use.

\n
\n", "
\n

IO

\n The IO subsystem allows you to define workers and buffer pools to be used by other subsystems.\n
\n", "

JacORB

The JacORB subsystem allows you to enable configure the CORBA services for JTS transactions and other ORB services.
", "

JCA

The Java EE Connector Architecture (JCA) subsystem allows you to configure the general settings for the JCA container and resource adapter deployments.
\n", "
\n

JGroups

\n The JGroups subsystem allows you to configure the protocol stacks and mechanisms for how servers in a cluster communicate.\n
\n", "
\n

JMS Bridge

\n

A JMS bridge consumes messages from a source JMS destination and sends them to a target JMS destination, typically on a different server.

\n\n

The bridge can also be used to bridge messages from other non-Artemis JMS servers, as long as they are JMS 1.1 compliant.

\n
\n", "

JMX

The Java Management Extensions (JMX) subsystem allows you to configure JMX access and settings.
\n", "

JPA

The Java Persistence API (JPA) subsystem manages the JPA 2.1 container-managed requirements and allows you to deploy persistent unit definitions, annotations, and descriptors.
\n", "
\n

Servlet / JSP

\n Configuration for JSP and servlet container settings.\n
\n", "

Logging

The Logging subsystem, which also supports several third-party logging frameworks, allows you to configure log categories and handlers for the server and for application deployments.
\n", "

Mail

The Mail subsystem allows you to configure standard mail server attributes and define custom mail transports.
", "
\n

Mail Sessions

\n The Mail subsystem allows you to configure standard mail server attributes and define custom mail transports.\n
\n", "

Maintainer

The Maintainer role has access to view and modify runtime state and all configuration except sensitive data and operations. The Maintainer role is the general purpose role that does not have access to sensitive data and operations. The Maintainer role allows users to be granted almost complete access to administer the server without giving those users access to passwords and other sensitive information.

\n", "
\n\n

Membership

\n

A user is considered to be assigned to a role if:

\n
    \n
  1. The user is:\n
      \n
    • listed as a user to be included in the role, or
      • \n
    • a member of a group that is listed to be included in the role.
      • \n
    \n
    2. \n
  2. The user is not:\n
      \n
    • listed as a user to exclude from the role, or
      • \n
    • a member of a group that is listed to be excluded from the role.
      • \n
    \n
    3. \n
\n

Exclusions take priority over inclusions.

\n
", "
\n

Messaging Provider

\n

A messaging provider is an ActiveMQ server instance.

\n\n

Queues / Topics

\n

Create queues and topics used by this messaging provider.

\n\n

Connections

\n

Manage acceptors, which define how connections can be made to the messaging provider.

\n

Create bridges, which consume messages from a source queue, and forward them to a target address, typically on a different server.

\n\n

Clustering

\n

Define broadcast and discovery groups, which control how connectors are handled and distributed by this provider.

\n

Manage cluster connections to load balance between nodes of a cluster.

\n\n

Provider settings

\n

Configure the settings of this messaging provider.

\n
\n", "
\n

ModCluster

\n The ModCluster subsystem allows you to configure the server-side mod_cluster worker node.\n
\n", "

Monitor

The Monitor role has the fewest permissions and can only read the current configuration and state of the server. This role is intended for users who need to track and report on the performance of the server. Monitors cannot modify server configuration nor can they access sensitive data or operations.

\n", "

Operator

The Operator role extends the Monitor role by adding the ability to modify the runtime state of the server. This means that Operators can reload and shut down the server as well as pause and resume JMS destinations. The Operator role is ideal for users who are responsible for the physical or virtual hosts of the application server so they can ensure that servers can be shut down and restarted correctly when needed. Operators cannot modify server configuration nor access sensitive data or operations.

\n", "\n
\n\n

Paths

\n A path is a logical name for a file system path. Other areas of the configuration can then reference the path using the logical name instead of the full path, which may vary on different machines. There are several predefined paths in use by the default configuration, such as the jboss.server.log.dir path that defines the directory for the server log.\n
\n", "

PicketLink Federations

\n

The PicketLink subsystem allows you to configure and deploy identity providers (IDP) and service providers (SP), which are grouped together in a federation.

\n

A federation can be understood as a circle of trust from which applications share common configurations, such as certificates and SAML-specific configurations. Each participating domain is trusted to accurately document the processes used to identify a user, the type of authentication system used, and any policies associated with the resulting authentication credentials.

\n

Each federation has one IDP and many SPs.

\n
\n", "
\n\n

Configuration

\n \n\n The overall system and server configuration.\n\n

Common Configuration Tasks

\n Configure subsystems, interfaces, and socket bindings.\n\n

Related Links

\n \n
\n", "
\n\n

Configuration

\n The overall system configuration, including collections of subsystem configurations known as profiles.\n\n

Common Configuration Tasks

\n Configure profiles, subsystems, interfaces, and socket bindings.\n\n

Related Links

\n \n
\n", "
\n

Profiles

\n

A profile is a named collection of subsystem configurations. A subsystem is a set of capabilities that extends the core functionality of the server, such as messaging, logging, and application security. A managed domain can define many profiles for use by the servers in the domain.

\n
\n", "\n
\n\n

System Properties

\n These properties are available throughout the configuration. In a managed domain, the Boot-Time flag specifies whether a property should be passed in to the JVM when server processes are started (-Dproperty=value).\n\n
\n", "

Resource Adapters

The Resource Adapters subsystem allows you to configure and deploy resource adapters.
\n", "
\n

Remoting

\n The Remoting subsystem allows you to configure settings for inbound and outbound connections for local and remote services.\n
\n", "
\n\n

Roles

\n

Manage role permissions and membership lists.

\n\n
", "
\n

Data Source Metrics

\n

Datasources runtime metrics. If no metrics are shown, you may need to enable statistics for the Datasources subsystem in the 'Configuration' section.

\n
\n", "
\n\n

Runtime

\n

Manage hosts, server groups, and servers. View and monitor runtime services, such as log files, JVM metrics, and subsystem-specific runtime data.

\n\n

Common Configuration Tasks

\n \n
\n", "
\n\n

Runtime

\n

View and monitor runtime services, such as log files, JVM metrics, and subsystem-specific runtime data.

\n\n

Common Configuration Tasks

\n \n
\n", "
\n

Host Configuration

\n

A host controller is a physical or virtual host that interacts with the central domain controller to configure and manage the application server insatnces running on its host.

\n

Common Configuration Tasks

\n \n
\n", "
\n

Hosts

\n

A managed domain consists of host controllers, which are physical or virtual hosts that interact with the central domain controller to manage the application server instances running on its host. One host controller is configured to act as the central domain controller. Each host controller can have multiple server groups.

\n
\n", "
\n

HTTP Server

\n

Configuration for HTTP servers. Select a server to view its settings. If no metrics are shown, you might need to enable statistics in the 'Configuration' section.

\n
\n", "
\n

Server Group

\n

A server group is a set of server instances that will be configured and managed as one. In a managed domain, all server instances are members of a server group. All server instances within a server group use the same profile and have the same deployment content.

\n

Common Configuration Tasks

\n \n
\n", "
\n

Server Groups

\n

A server group is set of server instances that will be configured and managed as one. In a managed domain, every application server instance is a member of a server group, even if there is only a single server in a server group.

\n

It is the responsibility of the domain controller and the host controllers to ensure that all servers in a server group have a consistent configuration. All server instances use the same profile and have the same deployment content.

\n
\n", "
\n

Transaction Metrics

\n

The current state of the transaction subsystem. If no metrics are shown, you may need to enable statistics for the Transaction subsystem in the 'Configuration' section.

\n
\n", "
\n

Web Service Endpoints

\n

List of web service endpoints, which must be deployed as regular applications. If no metrics are shown, you may need to enable statistics for the Web Services subsystem in the 'Configuration' section.

\n
\n", "

Security Subsystem

The Security subsystem provides the infrastructure for securing applications. Security domains can be configured to expose authentication, authorization, ACL, audit, mapping, and identity trust capabilities.
", "

Security

The Security subsystem allows you to create and configure security domains for application security.
\n", "

Server Groups

A server group is set of server instances that will be managed and configured as one. In a managed domain each application server instance is a member of a server group. (Even if the group only has a single server, the server is still a member of a group.) It is the responsibility of the Domain Controller and the Host Controllers to ensure that all servers in a server group have a consistent configuration. They should all be configured with the same profile and they should have the same deployment content deployed.
", "
\n

Server Groups

\n

Manage deployments that have been assigned to one or more server groups.

\n

Upload a new deployment, create an unmanaged deployment, or choose a deployment from the content repository. Enable or unassign deployments.

\n
", "

Servlet/HTTP

The Servlet subsystem allows you to configure the servlet/JSP configuration of the Web subsystem.
\n", "\n
\n\n

Socket Bindings

\n Socket bindings and socket binding groups allow you to define network\n ports and their relationship to the networking interfaces required for\n a configuration profile.\n\n
", "

SuperUser

The SuperUser role has no restrictions and has complete access to all resources and operations of the server, including the audit logging system and sensitive data. This role is equivalent to the administrator users of earlier versions. If RBAC is disabled, all management users have permissions equivalent to the SuperUser role.

\n", "

Threads

The Threads subsystem allows you to create and configure thread pools.
", "

Transactions

The Transactions subsystem allows you to configure transaction manager options, such as timeout values, transaction logging, statistics collection, and whether to use Java Transaction Service (JTS).
\n", "
\n

Unassigned Content

\n

Manage deployments that are not assigned to any server group.

\n

Assign deployments to server groups or remove deployments. Deployments that have been assigned to one or more server group can be found in the Server Groups section.

\n
\n", "
\n

Filters

\n Configuration for Undertow filters to filter and modify requests.\n
\n", "
\n

Undertow

\n The Undertow (Web/HTTP) subsystem allows you to configure the web server and servlet container settings.\n
\n", "
\n\n

Users

\n

Manage users and the roles assigned to each user.

\n\n
", "

Web Services

The Web Services subsystem allows you to configure the host name, ports, and WSDL address for the web services provider.
\n"]