]
Darran Lofthouse moved JBEAP-10087 to WFCORE-2614:
--------------------------------------------------
Project: WildFly Core (was: JBoss Enterprise Application Platform)
Key: WFCORE-2614 (was: JBEAP-10087)
Workflow: GIT Pull Request workflow (was: CDW with loose statuses v1)
Component/s: Security
(was: Security)
Affects Version/s: 3.0.0.Beta12
(was: 7.1.0.DR13)
Elytron SecurityRealm included more times in a SecurityDomain breaks
the domain service
---------------------------------------------------------------------------------------
Key: WFCORE-2614
URL:
https://issues.jboss.org/browse/WFCORE-2614
Project: WildFly Core
Issue Type: Bug
Components: Security
Affects Versions: 3.0.0.Beta12
Reporter: Darran Lofthouse
Assignee: Darran Lofthouse
Priority: Critical
Labels: eap71_beta, management-model, security-domain
Fix For: 3.0.0.Beta13
Elytron subsystem allows to add the same realm more times into a single security domain.
Nevertheless in such case domain stops to work with following error message:
{noformat}
16:14:17,411 ERROR [org.jboss.as.controller.management-operation] (ServerService Thread
Pool -- 54) WFLYCTL0013: Operation ("add") failed - address: ([
("subsystem" => "elytron"),
("security-domain" => "ManagementDomain")
]) - failure description: "WFLYELY00002: Can not inject the same realm
'local' in a single security domain."
{noformat}
If such the changed domain is ManagementDomain, then the server stops to start at all.
*Suggested fix*
* either allow to have the same realm in a security domain more times
* or check for duplicate realms already when adding/changing the domain