Management Console Authentication Fails with Elytron and RBAC, Displays "Connect to Management Interface" in JBoss EAP 7.1 or Later

Solution Verified - Updated 14 Jun 2024

Environment

Red Hat JBoss Enterprise Application Platform (EAP)
- 7.1 or later
Elytron Security
RBAC enabled

Issue

Management console shows Connect to Management Interface prompt every time while trying to connect
Authentication fails

Resolution

The popup, Connect to Management Interface, is due to using the realm attribute in RBAC configuration :

<role name="Deployer">
    <include>
        <user realm="ManagementRealm" name="appdeployer"/>
              ^^^^^^^^^^^^^^^^^^^^^^^
        <user realm="ManagementRealm" name="appdeploytest"/>
              ^^^^^^^^^^^^^^^^^^^^^^^
    </include>
</role>

Remove the realm attribute from users. The realm attribute refers to legacy security, not Elytron. It is, therefore, deprecated and will be removed in future versions.

note Refer to KCS for enabling RBAC on management console.

Diagnostic Steps

Set-up works fine when RBAC is disabled.

SBR

JBoss Base AS

Product(s)

Red Hat JBoss Enterprise Application Platform

Components

jbossas

Category

Troubleshoot

Tags

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.