Changing application user passwords

[mike van den berg]

Wildfly version 20.0.1.Final

I made an attempt in changing the password of a user in the applicationrealm. I used the following commands to perform this change:

To be able to change the default passwords of:

·       Administrator1

·       Unit4Admin

Please run the following command:

cd /d D:\soft\u4fin\wildfly\bin\

add-user.bat

 

What type of user do you wish to add?

a) Management User (mgmt-users.properties)

b) Application User (application-users.properties)

(a): b

 

Enter the details of the new user to add.

Using realm 'ApplicationRealm' as discovered from the existing property files.

Username : "User"

User 'Unit4Admin' already exists and is enabled, would you like to...

a) Update the existing user password and roles

b) Disable the existing user

c) Type a new username

(a): a

Password recommendations are listed below. To modify these restrictions edit the add-user.properties configuration file.

- The password should be different from the username

- The password should not be one of the following restricted values {root, admin, administrator}

- The password should contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), 1 non-alphanumeric symbol(s)

Password :

WFLYDM0099: Password should have at least 8 characters!

Are you sure you want to use the password entered yes/no? y

Re-enter Password :

What groups do you want this user to belong to? (Please enter a comma separated list, or leave blank for none)[Unit4FinancialsConsoleAdmin]:

Updated user 'Unit4Admin' to file 'C:\u4fin\wildfly\standalone\configuration\application-users.properties'

Updated user 'Unit4Admin' to file 'C:\u4fin\wildfly\domain\configuration\application-users.properties'

Updated user 'Unit4Admin' with groups  to file 'C:\u4fin\wildfly\standalone\configuration\application-roles.properties'

Updated user 'Unit4Admin' with groups  to file 'C:\u4fin\wildfly\domain\configuration\application-roles.properties'

Is this new user going to be used for one AS process to connect to another AS process?

e.g. for a slave host controller connecting to the master or for a Remoting connection for server to server EJB calls.

yes/no? n

Press any key to continue . . .

The result was NOT a change of the existing password. The new password was added next to the existing one. Now, I have 2 different passwords that work for the same user. Next I tried disabling the user, but this didn't seem to work as the user is still granted access. 

Can someone tell me where to look for answers or find the mistakes i made in this process.