January 2014 - jboss-jira - Jboss List Archives

[JBoss JIRA] (WFLY-1895) Provide a "default" role for management users with no other role specified

by Brian Stansberry (JIRA)

[ https://issues.jboss.org/browse/WFLY-1895?page=com.atlassian.jira.plugin.... ] Brian Stansberry updated WFLY-1895: ----------------------------------- Parent: (was: WFLY-490) Issue Type: Enhancement (was: Sub-task) > Provide a "default" role for management users with no other role specified > -------------------------------------------------------------------------- > > Key: WFLY-1895 > URL: https://issues.jboss.org/browse/WFLY-1895 > Project: WildFly > Issue Type: Enhancement > Security Level: Public(Everyone can see) > Components: Domain Management, Security > Reporter: Jakub Cechacek > Assignee: Brian Stansberry > Labels: rbac-filed-by-qa > Fix For: 8.0.0.Final > > > Currently it seems that when using RBAC provider users with no defined role are unable to read domain model at all. Consequently logging into Admin Console leads to 500 error page. Similar errors in CLI. > In relation to this, it should be considered what is the expected behavior of unsecured management interface. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

12 years, 3 months

1
0
0 / 0

[JBoss JIRA] (WFLY-1867) Provide access control documentation

by Brian Stansberry (JIRA)

[ https://issues.jboss.org/browse/WFLY-1867?page=com.atlassian.jira.plugin.... ] Brian Stansberry updated WFLY-1867: ----------------------------------- Parent: (was: WFLY-490) Issue Type: Task (was: Sub-task) > Provide access control documentation > ------------------------------------ > > Key: WFLY-1867 > URL: https://issues.jboss.org/browse/WFLY-1867 > Project: WildFly > Issue Type: Task > Security Level: Public(Everyone can see) > Components: Documentation, Domain Management > Reporter: Heiko Braun > Assignee: Brian Stansberry > Fix For: 8.0.0.Final > > > The access control features need to be properly documented -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

12 years, 3 months

1
0
0 / 0

[JBoss JIRA] (WFLY-1867) Provide access control documentation

by Brian Stansberry (JIRA)

[ https://issues.jboss.org/browse/WFLY-1867?page=com.atlassian.jira.plugin.... ] Brian Stansberry updated WFLY-1867: ----------------------------------- Fix Version/s: No Release (was: 8.0.0.Final) > Provide access control documentation > ------------------------------------ > > Key: WFLY-1867 > URL: https://issues.jboss.org/browse/WFLY-1867 > Project: WildFly > Issue Type: Task > Security Level: Public(Everyone can see) > Components: Documentation, Domain Management > Reporter: Heiko Braun > Assignee: Brian Stansberry > Fix For: No Release > > > The access control features need to be properly documented -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

12 years, 3 months

1
0
0 / 0

[JBoss JIRA] (WFLY-2002) Ability to configure a custom RBAC implementation

by Brian Stansberry (JIRA)

[ https://issues.jboss.org/browse/WFLY-2002?page=com.atlassian.jira.plugin.... ] Brian Stansberry updated WFLY-2002: ----------------------------------- Parent: (was: WFLY-490) Issue Type: Feature Request (was: Sub-task) > Ability to configure a custom RBAC implementation > ------------------------------------------------- > > Key: WFLY-2002 > URL: https://issues.jboss.org/browse/WFLY-2002 > Project: WildFly > Issue Type: Feature Request > Security Level: Public(Everyone can see) > Components: Domain Management > Reporter: Brian Stansberry > Assignee: Brian Stansberry > Priority: Optional > Labels: RBAC-WF-only > Fix For: 9.0.0.CR1 > > > Allow configuration of a module name and set of key/value properties to allow users to plug in a custom implementation of the CustomAuthorizer interface. The impl would be loadable via the ServiceLoader mechanism. > The hooks to integrate such a custom impl into the server are already done, so this is should be just a matter of adding the config capability. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

12 years, 3 months

1
0
0 / 0

[JBoss JIRA] (WFLY-1958) Provide machine readable referential RBAC document with information of default security constrains

by Brian Stansberry (JIRA)

[ https://issues.jboss.org/browse/WFLY-1958?page=com.atlassian.jira.plugin.... ] Brian Stansberry updated WFLY-1958: ----------------------------------- Parent: (was: WFLY-490) Issue Type: Feature Request (was: Sub-task) > Provide machine readable referential RBAC document with information of default security constrains > -------------------------------------------------------------------------------------------------- > > Key: WFLY-1958 > URL: https://issues.jboss.org/browse/WFLY-1958 > Project: WildFly > Issue Type: Feature Request > Security Level: Public(Everyone can see) > Components: Domain Management, Security > Reporter: Jakub Cechacek > Labels: rbac-filed-by-qa > Fix For: 8.0.0.Final > > > This is more of a future task, but at some point we should make sure that all security constraints are configured properly (right now we have no way of telling which resources should be, for example, sensitive). Thus QE will need something to check against. As a good example of what I mean have a look at referential document for module classification [1] - although for RBAC we would like to see something more "machine-friendly" > This should be something like listing of resources classified by default as sensitive/application/... > [1] https://docspace.corp.redhat.com/docs/DOC-105009 -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

12 years, 3 months

1
0
0 / 0

[JBoss JIRA] (WFLY-1958) Provide machine readable referential RBAC document with information of default security constrains

by Brian Stansberry (JIRA)

[ https://issues.jboss.org/browse/WFLY-1958?page=com.atlassian.jira.plugin.... ] Brian Stansberry updated WFLY-1958: ----------------------------------- Fix Version/s: 9.0.0.CR1 (was: 8.0.0.Final) > Provide machine readable referential RBAC document with information of default security constrains > -------------------------------------------------------------------------------------------------- > > Key: WFLY-1958 > URL: https://issues.jboss.org/browse/WFLY-1958 > Project: WildFly > Issue Type: Feature Request > Security Level: Public(Everyone can see) > Components: Domain Management, Security > Reporter: Jakub Cechacek > Labels: rbac-filed-by-qa > Fix For: 9.0.0.CR1 > > > This is more of a future task, but at some point we should make sure that all security constraints are configured properly (right now we have no way of telling which resources should be, for example, sensitive). Thus QE will need something to check against. As a good example of what I mean have a look at referential document for module classification [1] - although for RBAC we would like to see something more "machine-friendly" > This should be something like listing of resources classified by default as sensitive/application/... > [1] https://docspace.corp.redhat.com/docs/DOC-105009 -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

12 years, 3 months

1
0
0 / 0

[JBoss JIRA] (WFLY-1857) Remove ConstrainedResourceDefinition, add methods to ResourceDefinition

by Brian Stansberry (JIRA)

[ https://issues.jboss.org/browse/WFLY-1857?page=com.atlassian.jira.plugin.... ] Brian Stansberry updated WFLY-1857: ----------------------------------- Parent: (was: WFLY-490) Issue Type: Task (was: Sub-task) > Remove ConstrainedResourceDefinition, add methods to ResourceDefinition > ----------------------------------------------------------------------- > > Key: WFLY-1857 > URL: https://issues.jboss.org/browse/WFLY-1857 > Project: WildFly > Issue Type: Task > Security Level: Public(Everyone can see) > Components: Domain Management > Reporter: Brian Stansberry > Labels: RBAC-WF-only > Fix For: 8.0.0.Final > > > ConstrainedResourceDefinition is a mechanism to add methods to ResourceDefinition without breaking existing impls. This is not necessary in a major release like WF 8. It exists to make it easier to port RBAC to EAP 6.2, where such potential breakage (in a minor release) is not allowed. > This JIRA is to get rid of this subinterface for WF 8 final. > Deferring this to WF 9 is ok. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

12 years, 3 months

1
0
0 / 0

[JBoss JIRA] (WFLY-1857) Remove ConstrainedResourceDefinition, add methods to ResourceDefinition

by Brian Stansberry (JIRA)

[ https://issues.jboss.org/browse/WFLY-1857?page=com.atlassian.jira.plugin.... ] Brian Stansberry updated WFLY-1857: ----------------------------------- Fix Version/s: 9.0.0.CR1 (was: 8.0.0.Final) > Remove ConstrainedResourceDefinition, add methods to ResourceDefinition > ----------------------------------------------------------------------- > > Key: WFLY-1857 > URL: https://issues.jboss.org/browse/WFLY-1857 > Project: WildFly > Issue Type: Task > Security Level: Public(Everyone can see) > Components: Domain Management > Reporter: Brian Stansberry > Labels: RBAC-WF-only > Fix For: 9.0.0.CR1 > > > ConstrainedResourceDefinition is a mechanism to add methods to ResourceDefinition without breaking existing impls. This is not necessary in a major release like WF 8. It exists to make it easier to port RBAC to EAP 6.2, where such potential breakage (in a minor release) is not allowed. > This JIRA is to get rid of this subinterface for WF 8 final. > Deferring this to WF 9 is ok. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

12 years, 3 months

1
0
0 / 0

[JBoss JIRA] (WFLY-1958) Provide machine readable referential RBAC document with information of default security constrains

by Brian Stansberry (JIRA)

[ https://issues.jboss.org/browse/WFLY-1958?page=com.atlassian.jira.plugin.... ] Brian Stansberry updated WFLY-1958: ----------------------------------- Summary: Provide machine readable referential RBAC document with information of default security constrains (was: Provide machine readable referential document with information of default security constrains) > Provide machine readable referential RBAC document with information of default security constrains > -------------------------------------------------------------------------------------------------- > > Key: WFLY-1958 > URL: https://issues.jboss.org/browse/WFLY-1958 > Project: WildFly > Issue Type: Sub-task > Security Level: Public(Everyone can see) > Components: Domain Management, Security > Reporter: Jakub Cechacek > Labels: rbac-filed-by-qa > Fix For: 8.0.0.Final > > > This is more of a future task, but at some point we should make sure that all security constraints are configured properly (right now we have no way of telling which resources should be, for example, sensitive). Thus QE will need something to check against. As a good example of what I mean have a look at referential document for module classification [1] - although for RBAC we would like to see something more "machine-friendly" > This should be something like listing of resources classified by default as sensitive/application/... > [1] https://docspace.corp.redhat.com/docs/DOC-105009 -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

12 years, 3 months

1
0
0 / 0

[JBoss JIRA] (WFLY-2647) Update HornetQ to 2.4.0.Final

by Brian Stansberry (JIRA)

[ https://issues.jboss.org/browse/WFLY-2647?page=com.atlassian.jira.plugin.... ] Brian Stansberry updated WFLY-2647: ----------------------------------- Issue Type: Component Upgrade (was: Feature Request) Component/s: JMS > Update HornetQ to 2.4.0.Final > ----------------------------- > > Key: WFLY-2647 > URL: https://issues.jboss.org/browse/WFLY-2647 > Project: WildFly > Issue Type: Component Upgrade > Security Level: Public(Everyone can see) > Components: JMS > Reporter: Clebert Suconic > Assignee: Clebert Suconic > Priority: Blocker > Fix For: 8.0.0.Final > > > I'm setting this as blocker as I think WF final should come with HQ Final -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

12 years, 3 months

1
0
0 / 0

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira January 2014