puppet-zanata/templates/wildfly-10-standalone.xml.erb
Frank Kloeker e1fb24b955 Preparation for Zanata 4 version upgrade
There are some different changes in standalone.xml between
Zanata version 3 and 4. A version flag is implemented to
rollout the right version from template dir. For backwards
compatibility Zanata version 3 and 4 are supported yet.
Wildfly 9 stuff is removed because we have still Wildfly 10
running. That simplifies the manifest. Switch download URLs
to github, so there is also a standard to fetch files.

Change-Id: I5ada09cad7a19296802b22c2c3488ca547f2f14e
hint: http://docs.zanata.org/en/release/release-notes/#400
2017-11-27 22:32:41 +01:00

733 lines
36 KiB
Plaintext

<?xml version='1.0' encoding='UTF-8'?>
<server xmlns="urn:jboss:domain:4.0">
<extensions>
<extension module="org.jboss.as.clustering.infinispan" />
<extension module="org.jboss.as.connector" />
<extension module="org.jboss.as.deployment-scanner" />
<extension module="org.jboss.as.ee" />
<extension module="org.jboss.as.ejb3" />
<extension module="org.jboss.as.jaxrs" />
<extension module="org.jboss.as.jdr" />
<extension module="org.jboss.as.jmx" />
<extension module="org.jboss.as.jpa" />
<extension module="org.jboss.as.jsf" />
<extension module="org.jboss.as.jsr77" />
<extension module="org.jboss.as.logging" />
<extension module="org.jboss.as.mail" />
<extension module="org.jboss.as.naming" />
<extension module="org.jboss.as.pojo" />
<extension module="org.jboss.as.remoting" />
<extension module="org.jboss.as.sar" />
<extension module="org.jboss.as.security" />
<extension module="org.jboss.as.transactions" />
<extension module="org.jboss.as.webservices" />
<extension module="org.jboss.as.weld" />
<extension module="org.wildfly.extension.batch.jberet" />
<extension module="org.wildfly.extension.bean-validation" />
<extension module="org.wildfly.extension.io" />
<extension module="org.wildfly.extension.messaging-activemq" />
<extension module="org.wildfly.extension.request-controller" />
<extension module="org.wildfly.extension.security.manager" />
<extension module="org.wildfly.extension.undertow" />
</extensions>
<system-properties>
<% if @zanata_main_version.to_i < 4 -%>
<property name="javamelody.storage-directory" value="<%= @zanata_storage_dir %>/stats"/>
<property name="hibernate.search.default.indexBase" value="<%= @zanata_storage_dir %>/indexes"/>
<property name="ehcache.disk.store.dir" value="<%= @zanata_storage_dir %>/ehcache"/>
<property name="jboss.as.management.blocking.timeout" value="1000"/>
<% else -%>
<property name="javamelody.storage-directory" value="<%= @zanata_storage_dir %>/stats"/>
<property name="hibernate.search.default.indexBase" value="<%= @zanata_storage_dir %>/indexes"/>
<property name="jboss.as.management.blocking.timeout" value="1000"/>
<property name="zanata.security.authpolicy.internal" value="zanata.internal"/>
<property name="zanata.security.authpolicy.openid" value="zanata.openid"/>
<% if @zanata_admin_users != '' -%>
<property name="zanata.security.adminusers" value="<%= @zanata_admin_users %>"/>
<% else -%>
<property name="zanata.security.adminusers" value="admin"/>
<% end -%>
<property name="zanata.file.directory" value="<%= @zanata_storage_dir %>/files"/>
<property name="zanata.email.defaultfromaddress" value="<%= @zanata_default_from_address %>"/>
<% if @zanata_smtp_host != '' -%>
<property name="zanata.smtp.host" value="<%= @zanata_smtp_host %>" />
<% end -%>
<% if @zanata_smtp_port != '' -%>
<property name="zanata.smtp.port" value="<%= @zanata_smtp_port %>" />
<% end -%>
<% if @zanata_smtp_username != '' -%>
<property name="zanata.smtp.username" value="<%= @zanata_smtp_username %>" />
<% end -%>
<% if @zanata_smtp_password != '' -%>
<property name="zanata.smtp.password" value="<%= @zanata_smtp_password %>" />
<% end -%>
<% if @zanata_smtp_tls != '' -%>
<property name="zanata.smtp.tls" value="<%= @zanata_smtp_tls %>" />
<% end -%>
<% if @zanata_smtp_ssl != '' -%>
<property name="zanata.smtp.ssl" value="<%= @zanata_smtp_ssl %>" />
<% end -%>
<% end -%>
</system-properties>
<management>
<security-realms>
<security-realm name="ManagementRealm">
<authentication>
<local default-user="$local" skip-group-loading="true" />
<properties path="mgmt-users.properties"
relative-to="jboss.server.config.dir" />
</authentication>
<authorization map-groups-to-roles="false">
<properties path="mgmt-groups.properties"
relative-to="jboss.server.config.dir" />
</authorization>
</security-realm>
<security-realm name="ApplicationRealm">
<authentication>
<local default-user="$local" allowed-users="*"
skip-group-loading="true" />
<properties path="application-users.properties"
relative-to="jboss.server.config.dir" />
</authentication>
<authorization>
<properties path="application-roles.properties"
relative-to="jboss.server.config.dir" />
</authorization>
</security-realm>
</security-realms>
<audit-log>
<formatters>
<json-formatter name="json-formatter" />
</formatters>
<handlers>
<file-handler name="file" formatter="json-formatter"
path="audit-log.log" relative-to="jboss.server.data.dir" />
</handlers>
<logger log-boot="true" log-read-only="false" enabled="false">
<handlers>
<handler name="file" />
</handlers>
</logger>
</audit-log>
<management-interfaces>
<http-interface security-realm="ManagementRealm"
http-upgrade-enabled="true">
<socket-binding http="management-http" />
</http-interface>
</management-interfaces>
<access-control provider="simple">
<role-mapping>
<role name="SuperUser">
<include>
<user name="$local" />
</include>
</role>
</role-mapping>
</access-control>
</management>
<profile>
<subsystem xmlns="urn:jboss:domain:logging:3.0">
<console-handler name="CONSOLE">
<level name="INFO" />
<formatter>
<named-formatter name="COLOR-PATTERN" />
</formatter>
</console-handler>
<periodic-rotating-file-handler name="FILE" autoflush="true">
<formatter>
<named-formatter name="PATTERN" />
</formatter>
<file relative-to="jboss.server.log.dir" path="server.log" />
<suffix value=".yyyy-MM-dd" />
<append value="true" />
</periodic-rotating-file-handler>
<logger category="com.arjuna">
<level name="WARN" />
</logger>
<!-- JDBC connection allocation/release will be logged to server.log -->
<logger
category="org.hibernate.engine.jdbc.internal.LogicalConnectionImpl">
<level name="DEBUG" />
</logger>
<!-- More info about JDBC connections will be logged to server.log -->
<logger category="org.hibernate.engine.jdbc.internal.JdbcCoordinatorImpl">
<level name="DEBUG" />
</logger>
<logger category="org.jboss.as.config">
<level name="DEBUG" />
</logger>
<!-- Disable some startup warnings triggered by third-party jars -->
<logger category="org.jboss.as.server.deployment">
<filter-spec value="not(any( match(&quot;JBAS015960&quot;), match(&quot;JBAS015893&quot;) ))"/>
</logger>
<!-- Disable WARN about GWT's org.hibernate.validator.ValidationMessages -->
<logger category="org.jboss.modules">
<level name="ERROR"/>
</logger>
<!-- Disable WARN: "RP discovery / realm validation disabled;" -->
<logger category="org.openid4java.server.RealmVerifier">
<level name="ERROR"/>
</logger>
<!-- Disable WARN: "JMS API was found on the classpath..." -->
<logger category="org.richfaces.log.Application">
<filter-spec value="not( match(&quot;JMS API was found on the classpath&quot;) )"/>
</logger>
<!-- Disable WARN: "Queue with name '...' has already been registered" -->
<logger category="org.richfaces.log.Components">
<level name="ERROR"/>
</logger>
<!-- Enable if you want to log all HTTP requests to server.log: -->
<!--<logger category="org.zanata.requests">-->
<!--<level name="DEBUG"/>-->
<!--</logger>-->
<logger category="sun.rmi">
<level name="WARN" />
</logger>
<logger category="jacorb">
<level name="WARN" />
</logger>
<logger category="jacorb.config">
<level name="ERROR" />
</logger>
<root-logger>
<level name="INFO" />
<handlers>
<handler name="CONSOLE" />
<handler name="FILE" />
</handlers>
</root-logger>
<formatter name="PATTERN">
<pattern-formatter
pattern="%d{yyyy-MM-dd HH:mm:ss,SSS} %-5p [%c] (%t) %s%e%n" />
</formatter>
<formatter name="COLOR-PATTERN">
<pattern-formatter
pattern="%K{level}%d{HH:mm:ss,SSS} %-5p [%c] (%t) %s%e%n" />
</formatter>
</subsystem>
<subsystem xmlns="urn:jboss:domain:batch-jberet:1.0">
<default-job-repository name="in-memory" />
<default-thread-pool name="batch" />
<job-repository name="in-memory">
<in-memory />
</job-repository>
<thread-pool name="batch">
<max-threads count="10" />
<keepalive-time time="30" unit="seconds" />
</thread-pool>
</subsystem>
<subsystem xmlns="urn:jboss:domain:bean-validation:1.0" />
<subsystem xmlns="urn:jboss:domain:datasources:4.0">
<datasources>
<datasource jndi-name="java:jboss/datasources/zanataDatasource" pool-name="zanataDatasource" enabled="true" use-ccm="true">
<connection-url>jdbc:mysql://<%= @mysql_host %>:<%= @mysql_port %>/zanata?characterEncoding=UTF-8</connection-url>
<driver-class>com.mysql.jdbc.Driver</driver-class>
<driver>mysql-connector-java.jar</driver>
<pool>
<min-pool-size>0</min-pool-size>
<max-pool-size>20</max-pool-size>
<flush-strategy>FailingConnectionOnly</flush-strategy>
</pool>
<security>
<user-name><%= @zanata_db_username %></user-name>
<% if @zanata_db_password != '' -%>
<password><%= @zanata_db_password %></password>
<% end -%>
</security>
<statement>
<track-statements>NOWARN</track-statements>
</statement>
<validation>
<validate-on-match>true</validate-on-match>
<background-validation>false</background-validation>
<valid-connection-checker class-name="org.jboss.jca.adapters.jdbc.extensions.mysql.MySQLValidConnectionChecker"></valid-connection-checker>
<exception-sorter class-name="org.jboss.jca.adapters.jdbc.extensions.mysql.MySQLExceptionSorter"></exception-sorter>
</validation>
</datasource>
<datasource jndi-name="java:jboss/datasources/ExampleDS"
pool-name="ExampleDS" enabled="true" use-java-context="true">
<connection-url>jdbc:h2:mem:test;DB_CLOSE_DELAY=-1;DB_CLOSE_ON_EXIT=FALSE</connection-url>
<driver>h2</driver>
<security>
<user-name>sa</user-name>
<password>sa</password>
</security>
</datasource>
<drivers>
<driver name="h2" module="com.h2database.h2">
<xa-datasource-class>org.h2.jdbcx.JdbcDataSource</xa-datasource-class>
</driver>
</drivers>
</datasources>
</subsystem>
<subsystem xmlns="urn:jboss:domain:deployment-scanner:2.0">
<deployment-scanner path="deployments" relative-to="jboss.server.base.dir"
scan-interval="5000"
runtime-failure-causes-rollback="${jboss.deployment.scanner.rollback.on.failure:false}" />
</subsystem>
<subsystem xmlns="urn:jboss:domain:ee:4.0">
<spec-descriptor-property-replacement>false</spec-descriptor-property-replacement>
<concurrent>
<context-services>
<context-service name="default"
jndi-name="java:jboss/ee/concurrency/context/default"
use-transaction-setup-provider="true" />
</context-services>
<managed-thread-factories>
<managed-thread-factory name="default"
jndi-name="java:jboss/ee/concurrency/factory/default"
context-service="default" />
</managed-thread-factories>
<managed-executor-services>
<managed-executor-service name="default" jndi-name="java:jboss/ee/concurrency/executor/default" context-service="default" hung-task-threshold="60000" keepalive-time="5000"/>
</managed-executor-services>
<managed-scheduled-executor-services>
<managed-scheduled-executor-service name="default" jndi-name="java:jboss/ee/concurrency/scheduler/default" context-service="default" hung-task-threshold="60000" keepalive-time="3000"/>
</managed-scheduled-executor-services>
</concurrent>
<default-bindings
context-service="java:jboss/ee/concurrency/context/default"
datasource="java:jboss/datasources/ExampleDS"
jms-connection-factory="java:jboss/DefaultJMSConnectionFactory"
managed-executor-service="java:jboss/ee/concurrency/executor/default"
managed-scheduled-executor-service="java:jboss/ee/concurrency/scheduler/default"
managed-thread-factory="java:jboss/ee/concurrency/factory/default" />
</subsystem>
<subsystem xmlns="urn:jboss:domain:ejb3:4.0">
<session-bean>
<stateful default-access-timeout="5000" cache-ref="simple"
passivation-disabled-cache-ref="simple" />
<stateless>
<bean-instance-pool-ref pool-name="slsb-strict-max-pool"/>
</stateless>
<singleton default-access-timeout="5000" />
</session-bean>
<mdb>
<resource-adapter-ref
resource-adapter-name="${ejb.resource-adapter-name:activemq-ra.rar}" />
<bean-instance-pool-ref pool-name="mdb-strict-max-pool" />
</mdb>
<pools>
<bean-instance-pools>
<!-- Automatically configure pools. Alternatively, max-pool-size can be set to a specific value -->
<strict-max-pool name="slsb-strict-max-pool" derive-size="from-worker-pools" instance-acquisition-timeout="5" instance-acquisition-timeout-unit="MINUTES"/>
<strict-max-pool name="mdb-strict-max-pool" derive-size="from-cpu-count" instance-acquisition-timeout="5" instance-acquisition-timeout-unit="MINUTES"/>
</bean-instance-pools>
</pools>
<caches>
<cache name="simple" />
<cache name="distributable" passivation-store-ref="infinispan"
aliases="passivating clustered" />
</caches>
<passivation-stores>
<passivation-store name="infinispan" cache-container="ejb"
max-size="10000" />
</passivation-stores>
<async thread-pool-name="default" />
<timer-service thread-pool-name="default"
default-data-store="default-file-store">
<data-stores>
<file-data-store name="default-file-store" path="timer-service-data"
relative-to="jboss.server.data.dir" />
</data-stores>
</timer-service>
<remote connector-ref="http-remoting-connector"
thread-pool-name="default" />
<thread-pools>
<thread-pool name="default">
<max-threads count="10" />
<keepalive-time time="100" unit="milliseconds" />
</thread-pool>
</thread-pools>
<iiop enable-by-default="false" use-qualified-name="false" />
<default-security-domain value="other" />
<default-missing-method-permissions-deny-access value="true" />
<log-system-exceptions value="true" />
</subsystem>
<subsystem xmlns="urn:jboss:domain:io:1.1">
<worker name="default" />
<buffer-pool name="default" />
</subsystem>
<subsystem xmlns="urn:jboss:domain:infinispan:4.0">
<cache-container name="server" module="org.wildfly.clustering.server"
default-cache="default">
<local-cache name="default">
<transaction mode="BATCH" />
</local-cache>
</cache-container>
<cache-container name="web" module="org.wildfly.clustering.web.infinispan"
default-cache="passivation">
<local-cache name="passivation">
<locking isolation="REPEATABLE_READ" />
<transaction mode="BATCH" />
<file-store passivation="true" purge="false" />
</local-cache>
<local-cache name="persistent">
<locking isolation="REPEATABLE_READ" />
<transaction mode="BATCH" />
<file-store passivation="false" purge="false" />
</local-cache>
</cache-container>
<cache-container name="ejb" aliases="sfsb"
module="org.wildfly.clustering.ejb.infinispan"
default-cache="passivation">
<local-cache name="passivation">
<locking isolation="REPEATABLE_READ" />
<transaction mode="BATCH" />
<file-store passivation="true" purge="false" />
</local-cache>
<local-cache name="persistent">
<locking isolation="REPEATABLE_READ" />
<transaction mode="BATCH" />
<file-store passivation="false" purge="false" />
</local-cache>
</cache-container>
<cache-container name="hibernate" module="org.hibernate.infinispan"
default-cache="local-query">
<local-cache name="entity">
<transaction mode="NON_XA" />
<eviction max-entries="10000" strategy="LRU" />
<expiration max-idle="100000" />
</local-cache>
<local-cache name="local-query">
<eviction max-entries="10000" strategy="LRU" />
<expiration max-idle="100000" />
</local-cache>
<local-cache name="timestamps" />
</cache-container>
<!--
Zanata multi-purpose caches.
-->
<cache-container name="zanata"
module="org.jboss.as.clustering.web.infinispan" default-cache="default"
jndi-name="java:jboss/infinispan/container/zanata">
<local-cache name="default">
<transaction mode="NON_XA" />
<eviction max-entries="10000" strategy="LRU" />
<expiration max-idle="100000" />
</local-cache>
</cache-container>
</subsystem>
<subsystem xmlns="urn:jboss:domain:jaxrs:1.0" />
<subsystem xmlns="urn:jboss:domain:jca:4.0">
<archive-validation enabled="true" fail-on-error="true"
fail-on-warn="false" />
<bean-validation enabled="true" />
<default-workmanager>
<short-running-threads>
<core-threads count="50" />
<queue-length count="50" />
<max-threads count="50" />
<keepalive-time time="10" unit="seconds" />
</short-running-threads>
<long-running-threads>
<core-threads count="50" />
<queue-length count="50" />
<max-threads count="50" />
<keepalive-time time="10" unit="seconds" />
</long-running-threads>
</default-workmanager>
<cached-connection-manager debug="true" error="true" />
</subsystem>
<subsystem xmlns="urn:jboss:domain:jdr:1.0" />
<subsystem xmlns="urn:jboss:domain:jmx:1.3">
<expose-resolved-model />
<expose-expression-model />
<remoting-connector />
</subsystem>
<subsystem xmlns="urn:jboss:domain:jpa:1.1">
<jpa default-datasource=""
default-extended-persistence-inheritance="DEEP" />
</subsystem>
<subsystem xmlns="urn:jboss:domain:jsf:1.0" />
<subsystem xmlns="urn:jboss:domain:jsr77:1.0" />
<subsystem xmlns="urn:jboss:domain:mail:2.0">
<mail-session name="default" jndi-name="java:jboss/mail/Default">
<smtp-server outbound-socket-binding-ref="mail-smtp" />
</mail-session>
</subsystem>
<subsystem xmlns="urn:jboss:domain:messaging-activemq:1.0">
<server name="default">
<security-setting name="#">
<role name="guest" delete-non-durable-queue="true"
create-non-durable-queue="true" consume="true" send="true" />
</security-setting>
<address-setting name="#" message-counter-history-day-limit="10"
page-size-bytes="2097152" max-size-bytes="10485760"
expiry-address="jms.queue.ExpiryQueue"
dead-letter-address="jms.queue.DLQ" />
<http-connector name="http-connector" socket-binding="http" endpoint="http-acceptor"/>
<http-connector name="http-connector-throughput" socket-binding="http" endpoint="http-acceptor-throughput">
<param name="batch-delay" value="50" />
</http-connector>
<in-vm-connector name="in-vm" server-id="0" />
<http-acceptor name="http-acceptor" http-listener="default" />
<http-acceptor name="http-acceptor-throughput" http-listener="default">
<param name="batch-delay" value="50" />
<param name="direct-deliver" value="false" />
</http-acceptor>
<in-vm-acceptor name="in-vm" server-id="0" />
<jms-queue name="ExpiryQueue" entries="java:/jms/queue/ExpiryQueue" />
<jms-queue name="DLQ" entries="java:/jms/queue/DLQ" />
<jms-queue name="MailsQueue" entries="java:/jms/queue/MailsQueue" />
<connection-factory name="InVmConnectionFactory"
entries="java:/ConnectionFactory" connectors="in-vm" />
<connection-factory name="RemoteConnectionFactory"
entries="java:jboss/exported/jms/RemoteConnectionFactory"
connectors="http-connector" />
<pooled-connection-factory name="activemq-ra" transaction="xa"
entries="java:/JmsXA java:jboss/DefaultJMSConnectionFactory"
connectors="in-vm" />
</server>
</subsystem>
<subsystem xmlns="urn:jboss:domain:naming:2.0">
<bindings>
<% if @zanata_main_version.to_i < 4 -%>
<% if @zanata_openid_provider_url == '' -%>
<simple name="java:global/zanata/security/auth-policy-names/internal" value="zanata.internal"/>
<% end -%>
<simple name="java:global/zanata/security/auth-policy-names/openid" value="zanata.openid"/>
<% if @zanata_admin_users != '' -%>
<simple name="java:global/zanata/security/admin-users" value="<%= @zanata_admin_users %>"/>
<% else -%>
<simple name="java:global/zanata/security/admin-users" value="admin"/>
<% end -%>
<simple name="java:global/zanata/files/document-storage-directory" value="<%= @zanata_storage_dir %>/files"/>
<simple name="java:global/zanata/email/default-from-address" value="<%= @zanata_default_from_address %>"/>
<% if @zanata_smtp_host != '' -%>
<simple name="java:global/zanata/smtp/host" value="<%= @zanata_smtp_host %>" />
<% end -%>
<% if @zanata_smtp_port != '' -%>
<simple name="java:global/zanata/smtp/port" value="<%= @zanata_smtp_port %>" />
<% end -%>
<% if @zanata_smtp_username != '' -%>
<simple name="java:global/zanata/smtp/username" value="<%= @zanata_smtp_username %>" />
<% end -%>
<% if @zanata_smtp_password != '' -%>
<simple name="java:global/zanata/smtp/password" value="<%= @zanata_smtp_password %>" />
<% end -%>
<% if @zanata_smtp_tls != '' -%>
<simple name="java:global/zanata/smtp/tls" value="<%= @zanata_smtp_tls %>" />
<% end -%>
<% if @zanata_smtp_ssl != '' -%>
<simple name="java:global/zanata/smtp/ssl" value="<%= @zanata_smtp_ssl %>" />
<% end -%>
<% end -%>
</bindings>
<remote-naming />
</subsystem>
<subsystem xmlns="urn:jboss:domain:pojo:1.0" />
<subsystem xmlns="urn:jboss:domain:remoting:3.0">
<endpoint />
<http-connector name="http-remoting-connector" connector-ref="default"
security-realm="ApplicationRealm" />
</subsystem>
<subsystem xmlns="urn:jboss:domain:resource-adapters:4.0" />
<subsystem xmlns="urn:jboss:domain:request-controller:1.0" />
<subsystem xmlns="urn:jboss:domain:sar:1.0" />
<subsystem xmlns="urn:jboss:domain:security-manager:1.0">
<deployment-permissions>
<maximum-set>
<permission class="java.security.AllPermission" />
</maximum-set>
</deployment-permissions>
</subsystem>
<subsystem xmlns="urn:jboss:domain:security:1.2">
<security-domains>
<security-domain name="zanata">
<authentication>
<login-module code="org.zanata.security.ZanataCentralLoginModule"
flag="required" />
</authentication>
</security-domain>
<!-- Zanata Internal authentication login module -->
<security-domain name="zanata.internal">
<authentication>
<login-module code="org.zanata.security.jaas.InternalLoginModule"
flag="required" />
</authentication>
</security-domain>
<!-- Zanata Open Id authentication login module -->
<security-domain name="zanata.openid">
<authentication>
<login-module code="org.zanata.security.OpenIdLoginModule"
flag="required" >
<% if @zanata_openid_provider_url != '' -%>
<module-option name="providerURL" value="<%= @zanata_openid_provider_url %>" />
<% end -%>
</login-module>
</authentication>
</security-domain>
<!-- Zanata JAAS (custom) authentication login module -->
<security-domain name="zanata.jaas">
<authentication>
<login-module
code="org.jboss.security.auth.spi.DatabaseServerLoginModule"
flag="required">
<module-option name="dsJndiName" value="java:authdb" />
<module-option name="principalsQuery"
value="SELECT password FROM users WHERE username = ?" />
<module-option name="rolesQuery"
value="select '','' FROM users WHERE username = ?" />
<module-option name="hashAlgorithm" value="md5" />
<module-option name="hashEncoding" value="hex" />
</login-module>
</authentication>
</security-domain>
<security-domain name="zanata.kerberos">
<authentication>
<login-module code="org.jboss.security.negotiation.spnego.SPNEGOLoginModule" flag="sufficient">
<module-option name="password-stacking" value="useFirstPass"/>
<module-option name="serverSecurityDomain" value="host"/>
<module-option name="removeRealmFromPrincipal" value="true"/>
<module-option name="usernamePasswordDomain" value="krb5"/>
</login-module>
</authentication>
</security-domain>
<security-domain name="krb5">
<authentication>
<login-module code="com.sun.security.auth.module.Krb5LoginModule" flag="sufficient">
<module-option name="storePass" value="false"/>
<module-option name="clearPass" value="true"/>
<module-option name="debug" value="true"/>
<module-option name="doNotPrompt" value="false"/>
</login-module>
</authentication>
</security-domain>
<security-domain name="host">
<authentication>
<login-module code="com.sun.security.auth.module.Krb5LoginModule" flag="required">
<module-option name="storeKey" value="true"/>
<module-option name="useKeyTab" value="true"/>
<module-option name="principal" value="HTTP/zanata-master-kerberos.lab.eng.bne.redhat.com@REDHAT.COM"/>
<module-option name="keyTab" value="/usr/share/jbossas/standalone/configuration/jboss.keytab"/>
<module-option name="doNotPrompt" value="true"/>
<module-option name="debug" value="true"/>
</login-module>
</authentication>
</security-domain>
<!-- For other Zanata authentication options, see
http://docs.zanata.org/en/release/user-guide/system-admin/configuration/authentication/ -->
<security-domain name="other" cache-type="default">
<authentication>
<login-module code="Remoting" flag="optional">
<module-option name="password-stacking" value="useFirstPass" />
</login-module>
<login-module code="RealmDirect" flag="required">
<module-option name="password-stacking" value="useFirstPass" />
</login-module>
</authentication>
</security-domain>
<security-domain name="jboss-web-policy" cache-type="default">
<authorization>
<policy-module code="Delegating" flag="required" />
</authorization>
</security-domain>
<security-domain name="jboss-ejb-policy" cache-type="default">
<authorization>
<policy-module code="Delegating" flag="required" />
</authorization>
</security-domain>
</security-domains>
</subsystem>
<subsystem xmlns="urn:jboss:domain:transactions:3.0">
<core-environment>
<process-id>
<uuid />
</process-id>
</core-environment>
<recovery-environment socket-binding="txn-recovery-environment"
status-socket-binding="txn-status-manager" />
</subsystem>
<subsystem xmlns="urn:jboss:domain:undertow:3.0">
<buffer-cache name="default" />
<server name="default-server">
<% @zanata_listeners.each do |listener| -%>
<% if listener == 'https' -%>
<% @listener_realm = ' security-realm="ApplicationRealm"' -%>
<% else -%>
<% @listener_realm = '' -%>
<% end -%>
<<%= listener %>-listener name="default.<%= listener %>" socket-binding="<%= listener %>"<%= @listener_realm %>/>
<% end -%>
<http-listener name="default" socket-binding="http"/>
<host name="default-host" alias="localhost">
<location name="/" handler="welcome-content" />
<filter-ref name="server-header" />
<filter-ref name="x-powered-by-header" />
</host>
</server>
<servlet-container name="default">
<jsp-config />
<websockets />
</servlet-container>
<handlers>
<file name="welcome-content" path="${jboss.home.dir}/welcome-content" />
</handlers>
<filters>
<response-header name="server-header" header-value="WildFly/10"
header-name="Server" />
<response-header name="x-powered-by-header" header-value="Undertow/1"
header-name="X-Powered-By" />
</filters>
</subsystem>
<subsystem xmlns="urn:jboss:domain:webservices:2.0">
<wsdl-host>${jboss.bind.address:127.0.0.1}</wsdl-host>
<endpoint-config name="Standard-Endpoint-Config" />
<endpoint-config name="Recording-Endpoint-Config">
<pre-handler-chain name="recording-handlers"
protocol-bindings="##SOAP11_HTTP ##SOAP11_HTTP_MTOM ##SOAP12_HTTP ##SOAP12_HTTP_MTOM">
<handler name="RecordingHandler"
class="org.jboss.ws.common.invocation.RecordingServerHandler" />
</pre-handler-chain>
</endpoint-config>
<client-config name="Standard-Client-Config" />
</subsystem>
<subsystem xmlns="urn:jboss:domain:weld:2.0"/>
</profile>
<interfaces>
<interface name="management">
<inet-address value="${jboss.bind.address.management:127.0.0.1}" />
</interface>
<interface name="public">
<inet-address value="${jboss.bind.address:127.0.0.1}" />
</interface>
<interface name="unsecure">
<inet-address value="${jboss.bind.address.unsecure:127.0.0.1}" />
</interface>
</interfaces>
<socket-binding-group name="standard-sockets" default-interface="public"
port-offset="${jboss.socket.binding.port-offset:0}">
<socket-binding name="management-http" interface="management"
port="${jboss.management.http.port:9990}" />
<socket-binding name="management-https" interface="management"
port="${jboss.management.https.port:9993}" />
<socket-binding name="ajp"
port="${jboss.ajp.port:8009}" />
<socket-binding name="http"
port="${jboss.http.port:8080}" />
<socket-binding name="https"
port="${jboss.https.port:8443}" />
<!--
<socket-binding name="iiop" interface="unsecure"
port="${jboss.iiop.port:3528}"/>
<socket-binding name="iiop-ssl" interface="unsecure"
port="${jboss.iiop.ssl.port:3529}"/>
-->
<socket-binding name="remoting" port="4447" />
<socket-binding name="txn-recovery-environment" port="4712" />
<socket-binding name="txn-status-manager" port="4713" />
<outbound-socket-binding name="mail-smtp">
<remote-destination host="localhost" port="25" />
</outbound-socket-binding>
</socket-binding-group>
</server>