WildFly Full 19.1 Model Reference

A security domain definition.

Attributes (13)

default-realm The default realm contained by this security domain.

Attribute	Value
Type	STRING
Nillable	true
Expressions Allowed	false
Storage	configuration
Access Type	read-write
Restart Required	resource-services

evidence-decoder A reference to an EvidenceDecoder to be used by this domain.

Attribute	Value
Capability reference	/subsystem=elytron/x509-subject-alt-name-evidence-decoder=* /subsystem=elytron/custom-evidence-decoder=* /subsystem=elytron/x500-subject-evidence-decoder=* /subsystem=elytron/aggregate-evidence-decoder=*
Type	STRING
Nillable	true
Expressions Allowed	false
Storage	configuration
Access Type	read-write
Restart Required	no-services

outflow-anonymous When outflowing to a security domain if outflow is not possible should the anonymous identity be used? Outflowing anonymous has the effect of clearing any identity already established for that domain.

Attribute	Value
Default Value	false
Type	BOOLEAN
Nillable	true
Expressions Allowed	true
Storage	configuration
Access Type	read-write
Restart Required	resource-services

outflow-security-domains The list of security domains that the security identity from this domain should automatically outflow to.

Attribute	Value
Capability reference	/subsystem=elytron/security-domain=*
Type	LIST
Nillable	true
Expressions Allowed	false
Storage	configuration
Access Type	read-write
Restart Required	resource-services

permission-mapper A reference to a PermissionMapper to be used by this domain.

Attribute	Value
Capability reference	/subsystem=elytron/custom-permission-mapper=* /subsystem=elytron/simple-permission-mapper=* /subsystem=elytron/constant-permission-mapper=* /subsystem=elytron/logical-permission-mapper=*
Type	STRING
Nillable	true
Expressions Allowed	false
Storage	configuration
Access Type	read-write
Restart Required	resource-services

post-realm-principal-transformer A reference to a principal transformer to be applied after the realm has operated on the supplied identity name.

Attribute	Value
Capability reference	/subsystem=elytron/constant-principal-decoder=* /subsystem=elytron/x500-attribute-principal-decoder=* /subsystem=elytron/custom-principal-transformer=* /subsystem=elytron/chained-principal-transformer=* /subsystem=elytron/aggregate-principal-transformer=* /subsystem=elytron/regex-principal-transformer=* /subsystem=elytron/constant-principal-transformer=* /subsystem=elytron/concatenating-principal-decoder=* /subsystem=elytron/regex-validating-principal-transformer=*
Type	STRING
Nillable	true
Expressions Allowed	false
Storage	configuration
Access Type	read-write
Restart Required	resource-services

pre-realm-principal-transformer A reference to a principal transformer to be applied before the realm is selected.

Attribute	Value
Capability reference	/subsystem=elytron/constant-principal-decoder=* /subsystem=elytron/x500-attribute-principal-decoder=* /subsystem=elytron/custom-principal-transformer=* /subsystem=elytron/chained-principal-transformer=* /subsystem=elytron/aggregate-principal-transformer=* /subsystem=elytron/regex-principal-transformer=* /subsystem=elytron/constant-principal-transformer=* /subsystem=elytron/concatenating-principal-decoder=* /subsystem=elytron/regex-validating-principal-transformer=*
Type	STRING
Nillable	true
Expressions Allowed	false
Storage	configuration
Access Type	read-write
Restart Required	resource-services

principal-decoder A reference to a PrincipalDecoder to be used by this domain.

Attribute	Value
Capability reference	/subsystem=elytron/constant-principal-decoder=* /subsystem=elytron/x500-attribute-principal-decoder=* /subsystem=elytron/concatenating-principal-decoder=* /subsystem=elytron/custom-principal-decoder=* /subsystem=elytron/aggregate-principal-decoder=*
Type	STRING
Nillable	true
Expressions Allowed	false
Storage	configuration
Access Type	read-write
Restart Required	resource-services

realm-mapper Reference to the RealmMapper to be used by this domain.

Attribute	Value
Capability reference	/subsystem=elytron/constant-realm-mapper=* /subsystem=elytron/mapped-regex-realm-mapper=* /subsystem=elytron/simple-regex-realm-mapper=* /subsystem=elytron/custom-realm-mapper=*
Type	STRING
Nillable	true
Expressions Allowed	false
Storage	configuration
Access Type	read-write
Restart Required	resource-services

realms The list of realms contained by this security domain.

Attribute	Value
Type	LIST
Nillable	false
Expressions Allowed	false
Storage	configuration
Access Type	read-write
Restart Required	resource-services

role-mapper Reference to the RoleMapper to be used by this domain.

Attribute	Value
Capability reference	/subsystem=elytron/add-prefix-role-mapper=* /subsystem=elytron/custom-role-mapper=* /subsystem=elytron/constant-role-mapper=* /subsystem=elytron/add-suffix-role-mapper=* /subsystem=elytron/mapped-role-mapper=* /subsystem=elytron/logical-role-mapper=* /subsystem=elytron/aggregate-role-mapper=*
Type	STRING
Nillable	true
Expressions Allowed	false
Storage	configuration
Access Type	read-write
Restart Required	resource-services

security-event-listener Reference to a listener for security events.

Attribute	Value
Capability reference	/subsystem=elytron/periodic-rotating-file-audit-log=* /subsystem=elytron/aggregate-security-event-listener=* /subsystem=elytron/file-audit-log=* /subsystem=elytron/custom-security-event-listener=* /subsystem=elytron/size-rotating-file-audit-log=* /subsystem=elytron/syslog-audit-log=*
Type	STRING
Nillable	true
Expressions Allowed	false
Storage	configuration
Access Type	read-write
Restart Required	resource-services

trusted-security-domains The list of security domains that are trusted by this security domain.

Attribute	Value
Capability reference	/subsystem=elytron/security-domain=*
Type	LIST
Nillable	true
Expressions Allowed	false
Storage	configuration
Access Type	read-write
Restart Required	resource-services

Operations (3)

add The add operation for a security domain definition.

Request Parameter	Type	Required	Expressions Allowed	Default value	Description
default-realm	STRING	false	false		The default realm contained by this security domain.
evidence-decoder	STRING	false	false		A reference to an EvidenceDecoder to be used by this domain.
outflow-anonymous	BOOLEAN	false	true	false	When outflowing to a security domain if outflow is not possible should the anonymous identity be used? Outflowing anonymous has the effect of clearing any identity already established for that domain.
outflow-security-domains	LIST	false	false		The list of security domains that the security identity from this domain should automatically outflow to.
permission-mapper	STRING	false	false		A reference to a PermissionMapper to be used by this domain.
post-realm-principal-transformer	STRING	false	false		A reference to a principal transformer to be applied after the realm has operated on the supplied identity name.
pre-realm-principal-transformer	STRING	false	false		A reference to a principal transformer to be applied before the realm is selected.
principal-decoder	STRING	false	false		A reference to a PrincipalDecoder to be used by this domain.
realm-mapper	STRING	false	false		Reference to the RealmMapper to be used by this domain.
realms	LIST	true	false		The list of realms contained by this security domain.
role-mapper	STRING	false	false		Reference to the RoleMapper to be used by this domain.
security-event-listener	STRING	false	false		Reference to a listener for security events.
trusted-security-domains	LIST	false	false		The list of security domains that are trusted by this security domain.

read-identity Reads an identity from a security domain if it exists.

Request Parameter Type Required Expressions Allowed Default value Description

name STRING true false The name of the identity to read.
remove The remove operation for a security domain definition.