[JBoss JIRA] (AS7-3044) bin/add-user.sh allows create two identical users
by Pavel Janousek (JIRA)
[ https://issues.jboss.org/browse/AS7-3044?page=com.atlassian.jira.plugin.s... ]
Pavel Janousek reopened AS7-3044:
---------------------------------
I'm not fully satisfied with present behavior.
If Realm is editable item, I can set it to something else... If so, there isn't any reason why we can't have the same user with two different realms (from admin PoV), but present behavior reject a such user (second attempt) as duplicated user.
Also it isn't a much more meaningful that although mgmt-users.properties is dedicated only for ManagementRealm, add-user script allows to add users with other realms to this file.
I think that definitive solution is set Realm in add-user script only informative (Read only) and not editable.
I'm also aware that add-user.sh isn't general tool for editing user/group/realms credentials in AS7 (compared to other JEE servers), it is suited only as simple shorthand for rights definition to Admin console - and therefore present behavior without explicit knowing this details could confuse some users too.
I think this is rather usability issue, not technical problem.
> bin/add-user.sh allows create two identical users
> -------------------------------------------------
>
> Key: AS7-3044
> URL: https://issues.jboss.org/browse/AS7-3044
> Project: Application Server 7
> Issue Type: Bug
> Components: Console
> Affects Versions: 7.1.0.Beta1b
> Reporter: Pavel Janousek
> Assignee: Darran Lofthouse
> Fix For: 7.1.0.CR1
>
>
> bin/add-user.sh allows to create two identical users even you specify really the same input values (realm, login name and password). It created two lines in mgmt-users.properties.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
12 years, 8 months