How to change WildFly Management Console Password

The WildFly Management Console is a web-based administration tool that allows you to manage and configure the server. It is important to keep your WildFly Management Console password secure, and change it periodically to prevent unauthorized access. Here’s a tutorial on how to change the WildFly Management password:

The passwords for WildFly management users are, by default, stored in the following file;

$JBOSS_HOME/standalone/configuration/mgmt-users.properties

Here is an example:

admin=2a0923285184943425d1f53ddd58ec7a

As you can see, the users are in plain text but passwords are hashed. For this reason, there is no specific command to change the password.

Things you can do:

  1. You can remove the user you want and then re-add it via add-user.sh/bat script.
  2. Other than that, if you try to insert again the management user, it will be requested if you want to overwrite the existing user.
$ ./add-user.sh 

What type of user do you wish to add? 
 a) Management User (mgmt-users.properties) 
 b) Application User (application-users.properties)
(a): a

Enter the details of the new user to add.
Using realm 'ManagementRealm' as discovered from the existing property files.
Username : admin
User 'admin' already exists and is disabled, would you like to... 
 a) Update the existing user password and roles 
 b) Enable the existing user 
 c) Type a new username
(a): a
Password recommendations are listed below. To modify these restrictions edit the add-user.properties configuration file.
 - The password should be different from the username
 - The password should not be one of the following restricted values {root, admin, administrator}
 - The password should contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), 1 non-alphanumeric symbol(s)
Password : 
Re-enter Password : 
What groups do you want this user to belong to? (Please enter a comma separated list, or leave blank for none)[  ]: 
Updated user 'admin' to file '/home/francesco/jboss/wildfly-20.0.0.Final/standalone/configuration/mgmt-users.properties'
Updated user 'admin' to file '/home/francesco/jboss/wildfly-20.0.0.Final/domain/configuration/mgmt-users.properties'
Updated user 'admin' with groups  to file '/home/francesco/jboss/wildfly-20.0.0.Final/standalone/configuration/mgmt-groups.properties'
Updated user 'admin' with groups  to file '/home/francesco/jboss/wildfly-20.0.0.Final/domain/configuration/mgmt-groups.properties'

Is this new user going to be used for one AS process to connect to another AS process? 
e.g. for a slave host controller connecting to the master or for a Remoting connection for server to server EJB calls.
yes/no? yes
To represent the user add the following to the server-identities definition <secret value="YWRtaW4=" />

Now you can Login to the WildFly Management Console with the updated User and Password:

wildfly admin console password wildfly admin console password

Updating user passwords for SSL connections

Things can get a bit more complicated if you enabled SSL for wildfly management console. In this case, in order to reset login details, you need to pass the user’s property file name and security realm name which was used while configuring SSL for the management console.

Here is an example:

If you have stored the user credentials in the file https-mgmt-users.properties and the HTTPSManagementRealm security realm for securing the management console, here is how to change your password:

./add-user.sh -up https-mgmt-users.properties -r HTTPSManagementRealm

Please notice we are using the “-up” option which allows us to specify the file name of the user properties file, which can be an absolute path. Also we are using the “-r” option to specify the security Realm (by default it is (“ManagementRealm”)

Found the article helpful? if so please follow us on Socials