With the RHBA 7.12.0 release we are switching to Wildfly and to use an Elytron filesystem realm to store user identities. We are adding support to the update tool to switch the applications configuration from the legacy properties-based security realm to the filesystem realm.

This process would only be necessary once, when the update is done from a version before 7.12.0 to another version after 7.12.0, and it has to be performed at the end of the process of applying the regular update. The steps are the following.

1. Migrate users and roles to a filesystem realm. Also documented in EAP.

$ cd ${JBOSS_HOME}
$ ./bin/elytron-tool.sh filesystem-realm -u standalone/configuration/application-users.properties -r standalone/configuration/application-roles.properties -o standalone/configuration/kie-fs-realm-users -f kie-fs-realm-users

2. Apply file updates.

$ cd ${UPDATE_DIR}/rhpam-7.12.0-update/
$ ./elytron/kie-fs-realm-patch.sh ${JBOSS_HOME}/standalone/configuration/kie-fs-realm-users/

3. Apply configuration updates.

cd ${JBOSS_HOME}
./bin/standalone.sh --admin-only -c standalone-full.xml
./bin/jboss-cli.sh --connect --file=${UPDATE_DIR}/rhpam-7.12.0-update/elytron/add-kie-fs-realm.cli