Merge "Create a script to generate a Topology"
[oam.git] / solution / integration / smo / common / identity / standalone.xml
1 <?xml version='1.0' encoding='UTF-8'?>
2
3 <server xmlns="urn:jboss:domain:14.0">
4     <extensions>
5         <extension module="org.jboss.as.clustering.infinispan"/>
6         <extension module="org.jboss.as.connector"/>
7         <extension module="org.jboss.as.deployment-scanner"/>
8         <extension module="org.jboss.as.ee"/>
9         <extension module="org.jboss.as.ejb3"/>
10         <extension module="org.jboss.as.jaxrs"/>
11         <extension module="org.jboss.as.jmx"/>
12         <extension module="org.jboss.as.jpa"/>
13         <extension module="org.jboss.as.logging"/>
14         <extension module="org.jboss.as.mail"/>
15         <extension module="org.jboss.as.naming"/>
16         <extension module="org.jboss.as.remoting"/>
17         <extension module="org.jboss.as.security"/>
18         <extension module="org.jboss.as.transactions"/>
19         <extension module="org.jboss.as.weld"/>
20         <extension module="org.keycloak.keycloak-server-subsystem"/>
21         <extension module="org.wildfly.extension.bean-validation"/>
22         <extension module="org.wildfly.extension.core-management"/>
23         <extension module="org.wildfly.extension.elytron"/>
24         <extension module="org.wildfly.extension.io"/>
25         <extension module="org.wildfly.extension.microprofile.config-smallrye"/>
26         <extension module="org.wildfly.extension.microprofile.health-smallrye"/>
27         <extension module="org.wildfly.extension.microprofile.metrics-smallrye"/>
28         <extension module="org.wildfly.extension.request-controller"/>
29         <extension module="org.wildfly.extension.security.manager"/>
30         <extension module="org.wildfly.extension.undertow"/>
31     </extensions>
32     <management>
33         <security-realms>
34             <security-realm name="ManagementRealm">
35                 <authentication>
36                     <local default-user="$local" skip-group-loading="true"/>
37                     <properties path="mgmt-users.properties" relative-to="jboss.server.config.dir"/>
38                 </authentication>
39                 <authorization map-groups-to-roles="false">
40                     <properties path="mgmt-groups.properties" relative-to="jboss.server.config.dir"/>
41                 </authorization>
42             </security-realm>
43             <security-realm name="ApplicationRealm">
44                 <server-identities>
45                     <ssl>
46                         <keystore path="application.keystore" relative-to="jboss.server.config.dir" keystore-password="password" alias="server" key-password="password" generate-self-signed-certificate-host="localhost"/>
47                     </ssl>
48                 </server-identities>
49                 <authentication>
50                     <local default-user="$local" allowed-users="*" skip-group-loading="true"/>
51                     <properties path="application-users.properties" relative-to="jboss.server.config.dir"/>
52                 </authentication>
53                 <authorization>
54                     <properties path="application-roles.properties" relative-to="jboss.server.config.dir"/>
55                 </authorization>
56             </security-realm>
57         </security-realms>
58         <audit-log>
59             <formatters>
60                 <json-formatter name="json-formatter"/>
61             </formatters>
62             <handlers>
63                 <file-handler name="file" formatter="json-formatter" path="audit-log.log" relative-to="jboss.server.data.dir"/>
64             </handlers>
65             <logger log-boot="true" log-read-only="false" enabled="false">
66                 <handlers>
67                     <handler name="file"/>
68                 </handlers>
69             </logger>
70         </audit-log>
71         <management-interfaces>
72             <http-interface security-realm="ManagementRealm">
73                 <http-upgrade enabled="true"/>
74                 <socket-binding http="management-http"/>
75             </http-interface>
76         </management-interfaces>
77         <access-control provider="simple">
78             <role-mapping>
79                 <role name="SuperUser">
80                     <include>
81                         <user name="$local"/>
82                     </include>
83                 </role>
84             </role-mapping>
85         </access-control>
86     </management>
87     <profile>
88         <subsystem xmlns="urn:jboss:domain:logging:8.0">
89             <console-handler name="CONSOLE">
90                 <formatter>
91                     <named-formatter name="COLOR-PATTERN"/>
92                 </formatter>
93             </console-handler>
94             <logger category="com.arjuna">
95                 <level name="WARN"/>
96             </logger>
97             <logger category="io.jaegertracing.Configuration">
98                 <level name="WARN"/>
99             </logger>
100             <logger category="org.jboss.as.config">
101                 <level name="DEBUG"/>
102             </logger>
103             <logger category="sun.rmi">
104                 <level name="WARN"/>
105             </logger>
106             <logger category="org.keycloak">
107                 <level name="${env.KEYCLOAK_LOGLEVEL:INFO}"/>
108             </logger>
109             <root-logger>
110                 <level name="${env.ROOT_LOGLEVEL:INFO}"/>
111                 <handlers>
112                     <handler name="CONSOLE"/>
113                 </handlers>
114             </root-logger>
115             <formatter name="PATTERN">
116                 <pattern-formatter pattern="%d{yyyy-MM-dd HH:mm:ss,SSS} %-5p [%c] (%t) %s%e%n"/>
117             </formatter>
118             <formatter name="COLOR-PATTERN">
119                 <pattern-formatter pattern="%K{level}%d{HH:mm:ss,SSS} %-5p [%c] (%t) %s%e%n"/>
120             </formatter>
121         </subsystem>
122         <subsystem xmlns="urn:jboss:domain:bean-validation:1.0"/>
123         <subsystem xmlns="urn:jboss:domain:core-management:1.0"/>
124         <subsystem xmlns="urn:jboss:domain:datasources:6.0">
125             <datasources>
126                 <datasource jndi-name="java:jboss/datasources/ExampleDS" pool-name="ExampleDS" enabled="true" use-java-context="true" statistics-enabled="${wildfly.datasources.statistics-enabled:${wildfly.statistics-enabled:false}}">
127                     <connection-url>jdbc:h2:mem:test;DB_CLOSE_DELAY=-1;DB_CLOSE_ON_EXIT=FALSE</connection-url>
128                     <driver>h2</driver>
129                     <security>
130                         <user-name>sa</user-name>
131                         <password>sa</password>
132                     </security>
133                 </datasource>
134                 <datasource jndi-name="java:jboss/datasources/KeycloakDS" pool-name="KeycloakDS" enabled="true" use-java-context="true" statistics-enabled="${wildfly.datasources.statistics-enabled:${wildfly.statistics-enabled:false}}">
135                     <connection-url>jdbc:h2:${jboss.server.data.dir}/keycloak;AUTO_SERVER=TRUE</connection-url>
136                     <driver>h2</driver>
137                     <security>
138                         <user-name>sa</user-name>
139                         <password>sa</password>
140                     </security>
141                 </datasource>
142                 <drivers>
143                     <driver name="h2" module="com.h2database.h2">
144                         <xa-datasource-class>org.h2.jdbcx.JdbcDataSource</xa-datasource-class>
145                     </driver>
146                 </drivers>
147             </datasources>
148         </subsystem>
149         <subsystem xmlns="urn:jboss:domain:deployment-scanner:2.0">
150             <deployment-scanner path="deployments" relative-to="jboss.server.base.dir" scan-interval="5000" runtime-failure-causes-rollback="${jboss.deployment.scanner.rollback.on.failure:false}"/>
151         </subsystem>
152         <subsystem xmlns="urn:jboss:domain:ee:5.0">
153             <spec-descriptor-property-replacement>false</spec-descriptor-property-replacement>
154             <concurrent>
155                 <context-services>
156                     <context-service name="default" jndi-name="java:jboss/ee/concurrency/context/default" use-transaction-setup-provider="true"/>
157                 </context-services>
158                 <managed-thread-factories>
159                     <managed-thread-factory name="default" jndi-name="java:jboss/ee/concurrency/factory/default" context-service="default"/>
160                 </managed-thread-factories>
161                 <managed-executor-services>
162                     <managed-executor-service name="default" jndi-name="java:jboss/ee/concurrency/executor/default" context-service="default" hung-task-threshold="60000" keepalive-time="5000"/>
163                 </managed-executor-services>
164                 <managed-scheduled-executor-services>
165                     <managed-scheduled-executor-service name="default" jndi-name="java:jboss/ee/concurrency/scheduler/default" context-service="default" hung-task-threshold="60000" keepalive-time="3000"/>
166                 </managed-scheduled-executor-services>
167             </concurrent>
168             <default-bindings context-service="java:jboss/ee/concurrency/context/default" datasource="java:jboss/datasources/ExampleDS" managed-executor-service="java:jboss/ee/concurrency/executor/default" managed-scheduled-executor-service="java:jboss/ee/concurrency/scheduler/default" managed-thread-factory="java:jboss/ee/concurrency/factory/default"/>
169         </subsystem>
170         <subsystem xmlns="urn:jboss:domain:ejb3:8.0">
171             <session-bean>
172                 <stateless>
173                     <bean-instance-pool-ref pool-name="slsb-strict-max-pool"/>
174                 </stateless>
175                 <stateful default-access-timeout="5000" cache-ref="simple" passivation-disabled-cache-ref="simple"/>
176                 <singleton default-access-timeout="5000"/>
177             </session-bean>
178             <pools>
179                 <bean-instance-pools>
180                     <strict-max-pool name="mdb-strict-max-pool" derive-size="from-cpu-count" instance-acquisition-timeout="5" instance-acquisition-timeout-unit="MINUTES"/>
181                     <strict-max-pool name="slsb-strict-max-pool" derive-size="from-worker-pools" instance-acquisition-timeout="5" instance-acquisition-timeout-unit="MINUTES"/>
182                 </bean-instance-pools>
183             </pools>
184             <caches>
185                 <cache name="simple"/>
186                 <cache name="distributable" passivation-store-ref="infinispan" aliases="passivating clustered"/>
187             </caches>
188             <passivation-stores>
189                 <passivation-store name="infinispan" cache-container="ejb" max-size="10000"/>
190             </passivation-stores>
191             <async thread-pool-name="default"/>
192             <timer-service thread-pool-name="default" default-data-store="default-file-store">
193                 <data-stores>
194                     <file-data-store name="default-file-store" path="timer-service-data" relative-to="jboss.server.data.dir"/>
195                 </data-stores>
196             </timer-service>
197             <remote cluster="ejb" connectors="http-remoting-connector" thread-pool-name="default">
198                 <channel-creation-options>
199                     <option name="MAX_OUTBOUND_MESSAGES" value="1234" type="remoting"/>
200                 </channel-creation-options>
201             </remote>
202             <thread-pools>
203                 <thread-pool name="default">
204                     <max-threads count="10"/>
205                     <keepalive-time time="60" unit="seconds"/>
206                 </thread-pool>
207             </thread-pools>
208             <default-security-domain value="other"/>
209             <default-missing-method-permissions-deny-access value="true"/>
210             <statistics enabled="${wildfly.ejb3.statistics-enabled:${wildfly.statistics-enabled:false}}"/>
211             <log-system-exceptions value="true"/>
212         </subsystem>
213         <subsystem xmlns="urn:wildfly:elytron:11.0" final-providers="combined-providers" disallowed-providers="OracleUcrypto">
214             <providers>
215                 <aggregate-providers name="combined-providers">
216                     <providers name="elytron"/>
217                     <providers name="openssl"/>
218                 </aggregate-providers>
219                 <provider-loader name="elytron" module="org.wildfly.security.elytron"/>
220                 <provider-loader name="openssl" module="org.wildfly.openssl"/>
221             </providers>
222             <audit-logging>
223                 <file-audit-log name="local-audit" path="audit.log" relative-to="jboss.server.log.dir" format="JSON"/>
224             </audit-logging>
225             <security-domains>
226                 <security-domain name="ApplicationDomain" default-realm="ApplicationRealm" permission-mapper="default-permission-mapper">
227                     <realm name="ApplicationRealm" role-decoder="groups-to-roles"/>
228                     <realm name="local"/>
229                 </security-domain>
230                 <security-domain name="ManagementDomain" default-realm="ManagementRealm" permission-mapper="default-permission-mapper">
231                     <realm name="ManagementRealm" role-decoder="groups-to-roles"/>
232                     <realm name="local" role-mapper="super-user-mapper"/>
233                 </security-domain>
234             </security-domains>
235             <security-realms>
236                 <identity-realm name="local" identity="$local"/>
237                 <properties-realm name="ApplicationRealm">
238                     <users-properties path="application-users.properties" relative-to="jboss.server.config.dir" digest-realm-name="ApplicationRealm"/>
239                     <groups-properties path="application-roles.properties" relative-to="jboss.server.config.dir"/>
240                 </properties-realm>
241                 <properties-realm name="ManagementRealm">
242                     <users-properties path="mgmt-users.properties" relative-to="jboss.server.config.dir" digest-realm-name="ManagementRealm"/>
243                     <groups-properties path="mgmt-groups.properties" relative-to="jboss.server.config.dir"/>
244                 </properties-realm>
245             </security-realms>
246             <mappers>
247                 <simple-permission-mapper name="default-permission-mapper" mapping-mode="first">
248                     <permission-mapping>
249                         <principal name="anonymous"/>
250                         <permission-set name="default-permissions"/>
251                     </permission-mapping>
252                     <permission-mapping match-all="true">
253                         <permission-set name="login-permission"/>
254                         <permission-set name="default-permissions"/>
255                     </permission-mapping>
256                 </simple-permission-mapper>
257                 <constant-realm-mapper name="local" realm-name="local"/>
258                 <simple-role-decoder name="groups-to-roles" attribute="groups"/>
259                 <constant-role-mapper name="super-user-mapper">
260                     <role name="SuperUser"/>
261                 </constant-role-mapper>
262             </mappers>
263             <permission-sets>
264                 <permission-set name="login-permission">
265                     <permission class-name="org.wildfly.security.auth.permission.LoginPermission"/>
266                 </permission-set>
267                 <permission-set name="default-permissions">
268                     <permission class-name="org.wildfly.extension.batch.jberet.deployment.BatchPermission" module="org.wildfly.extension.batch.jberet" target-name="*"/>
269                     <permission class-name="org.wildfly.transaction.client.RemoteTransactionPermission" module="org.wildfly.transaction.client"/>
270                     <permission class-name="org.jboss.ejb.client.RemoteEJBPermission" module="org.jboss.ejb-client"/>
271                 </permission-set>
272             </permission-sets>
273             <http>
274                 <http-authentication-factory name="management-http-authentication" security-domain="ManagementDomain" http-server-mechanism-factory="global">
275                     <mechanism-configuration>
276                         <mechanism mechanism-name="DIGEST">
277                             <mechanism-realm realm-name="ManagementRealm"/>
278                         </mechanism>
279                     </mechanism-configuration>
280                 </http-authentication-factory>
281                 <provider-http-server-mechanism-factory name="global"/>
282             </http>
283             <sasl>
284                 <sasl-authentication-factory name="application-sasl-authentication" sasl-server-factory="configured" security-domain="ApplicationDomain">
285                     <mechanism-configuration>
286                         <mechanism mechanism-name="JBOSS-LOCAL-USER" realm-mapper="local"/>
287                         <mechanism mechanism-name="DIGEST-MD5">
288                             <mechanism-realm realm-name="ApplicationRealm"/>
289                         </mechanism>
290                     </mechanism-configuration>
291                 </sasl-authentication-factory>
292                 <sasl-authentication-factory name="management-sasl-authentication" sasl-server-factory="configured" security-domain="ManagementDomain">
293                     <mechanism-configuration>
294                         <mechanism mechanism-name="JBOSS-LOCAL-USER" realm-mapper="local"/>
295                         <mechanism mechanism-name="DIGEST-MD5">
296                             <mechanism-realm realm-name="ManagementRealm"/>
297                         </mechanism>
298                     </mechanism-configuration>
299                 </sasl-authentication-factory>
300                 <configurable-sasl-server-factory name="configured" sasl-server-factory="elytron">
301                     <properties>
302                         <property name="wildfly.sasl.local-user.default-user" value="$local"/>
303                     </properties>
304                 </configurable-sasl-server-factory>
305                 <mechanism-provider-filtering-sasl-server-factory name="elytron" sasl-server-factory="global">
306                     <filters>
307                         <filter provider-name="WildFlyElytron"/>
308                     </filters>
309                 </mechanism-provider-filtering-sasl-server-factory>
310                 <provider-sasl-server-factory name="global"/>
311             </sasl>
312         </subsystem>
313         <subsystem xmlns="urn:jboss:domain:infinispan:11.0">
314             <cache-container name="keycloak" module="org.keycloak.keycloak-model-infinispan">
315                 <local-cache name="realms">
316                     <heap-memory size="10000"/>
317                 </local-cache>
318                 <local-cache name="users">
319                     <heap-memory size="10000"/>
320                 </local-cache>
321                 <local-cache name="sessions"/>
322                 <local-cache name="authenticationSessions"/>
323                 <local-cache name="offlineSessions"/>
324                 <local-cache name="clientSessions"/>
325                 <local-cache name="offlineClientSessions"/>
326                 <local-cache name="loginFailures"/>
327                 <local-cache name="work"/>
328                 <local-cache name="authorization">
329                     <heap-memory size="10000"/>
330                 </local-cache>
331                 <local-cache name="keys">
332                     <heap-memory size="1000"/>
333                     <expiration max-idle="3600000"/>
334                 </local-cache>
335                 <local-cache name="actionTokens">
336                     <heap-memory size="-1"/>
337                     <expiration interval="300000" max-idle="-1"/>
338                 </local-cache>
339             </cache-container>
340             <cache-container name="server" default-cache="default" module="org.wildfly.clustering.server">
341                 <local-cache name="default">
342                     <transaction mode="BATCH"/>
343                 </local-cache>
344             </cache-container>
345             <cache-container name="web" default-cache="passivation" module="org.wildfly.clustering.web.infinispan">
346                 <local-cache name="passivation">
347                     <locking isolation="REPEATABLE_READ"/>
348                     <transaction mode="BATCH"/>
349                     <file-store passivation="true" purge="false"/>
350                 </local-cache>
351                 <local-cache name="sso">
352                     <locking isolation="REPEATABLE_READ"/>
353                     <transaction mode="BATCH"/>
354                 </local-cache>
355                 <local-cache name="routing"/>
356             </cache-container>
357             <cache-container name="ejb" aliases="sfsb" default-cache="passivation" module="org.wildfly.clustering.ejb.infinispan">
358                 <local-cache name="passivation">
359                     <locking isolation="REPEATABLE_READ"/>
360                     <transaction mode="BATCH"/>
361                     <file-store passivation="true" purge="false"/>
362                 </local-cache>
363             </cache-container>
364             <cache-container name="hibernate" module="org.infinispan.hibernate-cache">
365                 <local-cache name="entity">
366                     <heap-memory size="10000"/>
367                     <expiration max-idle="100000"/>
368                 </local-cache>
369                 <local-cache name="local-query">
370                     <heap-memory size="10000"/>
371                     <expiration max-idle="100000"/>
372                 </local-cache>
373                 <local-cache name="timestamps"/>
374             </cache-container>
375         </subsystem>
376         <subsystem xmlns="urn:jboss:domain:io:3.0">
377             <worker name="default"/>
378             <buffer-pool name="default"/>
379         </subsystem>
380         <subsystem xmlns="urn:jboss:domain:jaxrs:2.0"/>
381         <subsystem xmlns="urn:jboss:domain:jca:5.0">
382             <archive-validation enabled="true" fail-on-error="true" fail-on-warn="false"/>
383             <bean-validation enabled="true"/>
384             <default-workmanager>
385                 <short-running-threads>
386                     <core-threads count="50"/>
387                     <queue-length count="50"/>
388                     <max-threads count="50"/>
389                     <keepalive-time time="10" unit="seconds"/>
390                 </short-running-threads>
391                 <long-running-threads>
392                     <core-threads count="50"/>
393                     <queue-length count="50"/>
394                     <max-threads count="50"/>
395                     <keepalive-time time="10" unit="seconds"/>
396                 </long-running-threads>
397             </default-workmanager>
398             <cached-connection-manager/>
399         </subsystem>
400         <subsystem xmlns="urn:jboss:domain:jmx:1.3">
401             <expose-resolved-model/>
402             <expose-expression-model/>
403             <remoting-connector/>
404         </subsystem>
405         <subsystem xmlns="urn:jboss:domain:jpa:1.1">
406             <jpa default-datasource="" default-extended-persistence-inheritance="DEEP"/>
407         </subsystem>
408         <subsystem xmlns="urn:jboss:domain:keycloak-server:1.1">
409             <web-context>auth</web-context>
410             <providers>
411                 <provider>
412                     classpath:${jboss.home.dir}/providers/*
413                 </provider>
414             </providers>
415             <master-realm-name>master</master-realm-name>
416             <scheduled-task-interval>900</scheduled-task-interval>
417             <theme>
418                 <staticMaxAge>2592000</staticMaxAge>
419                 <cacheThemes>true</cacheThemes>
420                 <cacheTemplates>true</cacheTemplates>
421                 <welcomeTheme>${env.KEYCLOAK_WELCOME_THEME:keycloak}</welcomeTheme>
422                 <default>${env.KEYCLOAK_DEFAULT_THEME:keycloak}</default>
423                 <dir>${jboss.home.dir}/themes</dir>
424             </theme>
425             <spi name="eventsStore">
426                 <provider name="jpa" enabled="true">
427                     <properties>
428                         <property name="exclude-events" value="[&quot;REFRESH_TOKEN&quot;]"/>
429                     </properties>
430                 </provider>
431             </spi>
432             <spi name="userCache">
433                 <provider name="default" enabled="true"/>
434             </spi>
435             <spi name="userSessionPersister">
436                 <default-provider>jpa</default-provider>
437             </spi>
438             <spi name="timer">
439                 <default-provider>basic</default-provider>
440             </spi>
441             <spi name="connectionsHttpClient">
442                 <provider name="default" enabled="true"/>
443             </spi>
444             <spi name="connectionsJpa">
445                 <provider name="default" enabled="true">
446                     <properties>
447                         <property name="dataSource" value="java:jboss/datasources/KeycloakDS"/>
448                         <property name="initializeEmpty" value="true"/>
449                         <property name="migrationStrategy" value="update"/>
450                         <property name="migrationExport" value="${jboss.home.dir}/keycloak-database-update.sql"/>
451                     </properties>
452                 </provider>
453             </spi>
454             <spi name="realmCache">
455                 <provider name="default" enabled="true"/>
456             </spi>
457             <spi name="connectionsInfinispan">
458                 <default-provider>default</default-provider>
459                 <provider name="default" enabled="true">
460                     <properties>
461                         <property name="cacheContainer" value="java:jboss/infinispan/container/keycloak"/>
462                     </properties>
463                 </provider>
464             </spi>
465             <spi name="jta-lookup">
466                 <default-provider>${keycloak.jta.lookup.provider:jboss}</default-provider>
467                 <provider name="jboss" enabled="true"/>
468             </spi>
469             <spi name="publicKeyStorage">
470                 <provider name="infinispan" enabled="true">
471                     <properties>
472                         <property name="minTimeBetweenRequests" value="10"/>
473                     </properties>
474                 </provider>
475             </spi>
476             <spi name="x509cert-lookup">
477                 <default-provider>${keycloak.x509cert.lookup.provider:default}</default-provider>
478                 <provider name="default" enabled="true"/>
479             </spi>
480             <spi name="hostname">
481                 <default-provider>${keycloak.hostname.provider:default}</default-provider>
482                 <provider name="default" enabled="true">
483                     <properties>
484                         <property name="frontendUrl" value="${keycloak.frontendUrl:}"/>
485                         <property name="forceBackendUrlToFrontendUrl" value="false"/>
486                     </properties>
487                 </provider>
488                 <provider name="fixed" enabled="true">
489                     <properties>
490                         <property name="hostname" value="${keycloak.hostname.fixed.hostname:localhost}"/>
491                         <property name="httpPort" value="${keycloak.hostname.fixed.httpPort:-1}"/>
492                         <property name="httpsPort" value="${keycloak.hostname.fixed.httpsPort:-1}"/>
493                         <property name="alwaysHttps" value="${keycloak.hostname.fixed.alwaysHttps:false}"/>
494                     </properties>
495                 </provider>
496             </spi>
497         </subsystem>
498         <subsystem xmlns="urn:jboss:domain:mail:4.0">
499             <mail-session name="default" jndi-name="java:jboss/mail/Default">
500                 <smtp-server outbound-socket-binding-ref="mail-smtp"/>
501             </mail-session>
502         </subsystem>
503         <subsystem xmlns="urn:wildfly:microprofile-config-smallrye:1.0"/>
504         <subsystem xmlns="urn:wildfly:microprofile-health-smallrye:2.0" security-enabled="false" empty-liveness-checks-status="${env.MP_HEALTH_EMPTY_LIVENESS_CHECKS_STATUS:UP}" empty-readiness-checks-status="${env.MP_HEALTH_EMPTY_READINESS_CHECKS_STATUS:UP}"/>
505         <subsystem xmlns="urn:wildfly:microprofile-metrics-smallrye:2.0" security-enabled="false" exposed-subsystems="*" prefix="${wildfly.metrics.prefix:wildfly}"/>
506         <subsystem xmlns="urn:jboss:domain:naming:2.0">
507             <remote-naming/>
508         </subsystem>
509         <subsystem xmlns="urn:jboss:domain:remoting:4.0">
510             <http-connector name="http-remoting-connector" connector-ref="default" security-realm="ApplicationRealm"/>
511         </subsystem>
512         <subsystem xmlns="urn:jboss:domain:request-controller:1.0"/>
513         <subsystem xmlns="urn:jboss:domain:security:2.0">
514             <security-domains>
515                 <security-domain name="other" cache-type="default">
516                     <authentication>
517                         <login-module code="Remoting" flag="optional">
518                             <module-option name="password-stacking" value="useFirstPass"/>
519                         </login-module>
520                         <login-module code="RealmDirect" flag="required">
521                             <module-option name="password-stacking" value="useFirstPass"/>
522                         </login-module>
523                     </authentication>
524                 </security-domain>
525                 <security-domain name="jboss-web-policy" cache-type="default">
526                     <authorization>
527                         <policy-module code="Delegating" flag="required"/>
528                     </authorization>
529                 </security-domain>
530                 <security-domain name="jaspitest" cache-type="default">
531                     <authentication-jaspi>
532                         <login-module-stack name="dummy">
533                             <login-module code="Dummy" flag="optional"/>
534                         </login-module-stack>
535                         <auth-module code="Dummy"/>
536                     </authentication-jaspi>
537                 </security-domain>
538                 <security-domain name="jboss-ejb-policy" cache-type="default">
539                     <authorization>
540                         <policy-module code="Delegating" flag="required"/>
541                     </authorization>
542                 </security-domain>
543             </security-domains>
544         </subsystem>
545         <subsystem xmlns="urn:jboss:domain:security-manager:1.0">
546             <deployment-permissions>
547                 <maximum-set>
548                     <permission class="java.security.AllPermission"/>
549                 </maximum-set>
550             </deployment-permissions>
551         </subsystem>
552         <subsystem xmlns="urn:jboss:domain:transactions:5.0">
553             <core-environment node-identifier="${jboss.tx.node.id:1}">
554                 <process-id>
555                     <uuid/>
556                 </process-id>
557             </core-environment>
558             <recovery-environment socket-binding="txn-recovery-environment" status-socket-binding="txn-status-manager"/>
559             <coordinator-environment statistics-enabled="${wildfly.transactions.statistics-enabled:${wildfly.statistics-enabled:false}}"/>
560             <object-store path="tx-object-store" relative-to="jboss.server.data.dir"/>
561         </subsystem>
562         <subsystem xmlns="urn:jboss:domain:undertow:11.0" default-server="default-server" default-virtual-host="default-host" default-servlet-container="default" default-security-domain="other" statistics-enabled="${wildfly.undertow.statistics-enabled:${wildfly.statistics-enabled:false}}">
563             <buffer-cache name="default"/>
564             <server name="default-server">
565                 <http-listener name="default" socket-binding="http" redirect-socket="https" proxy-address-forwarding="${env.PROXY_ADDRESS_FORWARDING:false}" enable-http2="true"/>
566                 <https-listener name="https" socket-binding="https" proxy-address-forwarding="${env.PROXY_ADDRESS_FORWARDING:false}" security-realm="ApplicationRealm" enable-http2="true"/>
567                 <host name="default-host" alias="localhost">
568                     <location name="/" handler="welcome-content"/>
569                     <http-invoker security-realm="ApplicationRealm"/>
570                 </host>
571             </server>
572             <servlet-container name="default">
573                 <jsp-config/>
574                 <websockets/>
575             </servlet-container>
576             <handlers>
577                 <file name="welcome-content" path="${jboss.home.dir}/welcome-content"/>
578             </handlers>
579         </subsystem>
580         <subsystem xmlns="urn:jboss:domain:weld:4.0"/>
581     </profile>
582     <interfaces>
583         <interface name="management">
584             <inet-address value="${jboss.bind.address.management:[::1]}"/>
585         </interface>
586         <interface name="public">
587             <inet-address value="${jboss.bind.address:[::]}"/>
588         </interface>
589     </interfaces>
590     <socket-binding-group name="standard-sockets" default-interface="public" port-offset="${jboss.socket.binding.port-offset:0}">
591         <socket-binding name="ajp" port="${jboss.ajp.port:8009}"/>
592         <socket-binding name="http" port="${jboss.http.port:8080}"/>
593         <socket-binding name="https" port="${jboss.https.port:8443}"/>
594         <socket-binding name="management-http" interface="management" port="${jboss.management.http.port:9990}"/>
595         <socket-binding name="management-https" interface="management" port="${jboss.management.https.port:9993}"/>
596         <socket-binding name="txn-recovery-environment" port="4712"/>
597         <socket-binding name="txn-status-manager" port="4713"/>
598         <outbound-socket-binding name="mail-smtp">
599             <remote-destination host="${jboss.mail.server.host:localhost}" port="${jboss.mail.server.port:25}"/>
600         </outbound-socket-binding>
601     </socket-binding-group>
602 </server>