[JBoss JIRA] (WFCORE-920) Add a management subsystem
by Darran Lofthouse (JIRA)
[ https://issues.jboss.org/browse/WFCORE-920?page=com.atlassian.jira.plugin... ]
Darran Lofthouse commented on WFCORE-920:
-----------------------------------------
Thinking about capabilities and requirements a subsystem would also be an ideal location to expose capabilities specific to management e.g. Elytron will be providing a PermissionMapper capability for handling permissions checks - as the Elytron subsystem is a generic subsystem for use across the whole application server the configuration will be quite generic, on the other hand a management subsystem could provide a highly management specific PermissionMapper implementation.
> Add a management subsystem
> --------------------------
>
> Key: WFCORE-920
> URL: https://issues.jboss.org/browse/WFCORE-920
> Project: WildFly Core
> Issue Type: Task
> Components: Domain Management
> Reporter: Darran Lofthouse
> Assignee: Darran Lofthouse
> Labels: affects_elytron
>
> As subsystems can also be defined in a host controller we can now move the management configuration into a subsystem, legacy resources however such as security realms can be omitted.
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
8 years, 5 months
[JBoss JIRA] (JBAS-9578) Enabling/Disabling a Datasource prompts for server restart
by Darran Lofthouse (JIRA)
[ https://issues.jboss.org/browse/JBAS-9578?page=com.atlassian.jira.plugin.... ]
Darran Lofthouse commented on JBAS-9578:
----------------------------------------
You probably want the WildFly project if forwarding this over - the JBAS project only covers JBoss AS up until version 6.
> Enabling/Disabling a Datasource prompts for server restart
> ----------------------------------------------------------
>
> Key: JBAS-9578
> URL: https://issues.jboss.org/browse/JBAS-9578
> Project: Application Server 3 4 5 and 6
> Issue Type: Bug
> Environment: Red Hat JBoss Data Virtualization 6.2.4 on EAP patched to version 6.4.6, on Oracle Linux 6
> JBoss Developer Studio 8.1.0GA with Teiid Designer 9.0.6.Final-v20160316-1409-B1242 org.teiid.designer.feature.feature.group JBoss by Red Hat, Inc.
> 64-bit Windows 7 environment
> Reporter: Steve Tran
> Attachments: Capture.PNG
>
>
> When I enable or disable a Datasource in EAP (tested only in domain mode), I get a message that prompts me to restart my server because configurations have changed. This is a new warning because it didn't do this in earlier version of EAP6.4. If I go to the topology screen, none of the servers are marked with the symbol that says it needs to be restarted. If I drill down into the specific node and server, the Datasource was marked as disabled in the UI, so I think it did actually turned off the Datasource correctly.
> I think the prompt is wrong, and should be removed. Also, this might be an EAP bug and not JDV related.
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
8 years, 5 months
[JBoss JIRA] (WFCORE-1533) Integrate Management Access Control permission assignment with Elytron
by Darran Lofthouse (JIRA)
Darran Lofthouse created WFCORE-1533:
----------------------------------------
Summary: Integrate Management Access Control permission assignment with Elytron
Key: WFCORE-1533
URL: https://issues.jboss.org/browse/WFCORE-1533
Project: WildFly Core
Issue Type: Feature Request
Components: Domain Management, Security
Reporter: Darran Lofthouse
Assignee: Darran Lofthouse
Fix For: 3.0.0.Alpha1
A big portion of management role based access control is taking the assigned roles and then mapping these to the permissions for that role.
Elytron provides a new PermissionMapper interface that takes a SecurityIdentity and the roles mapped for that identity and returns a PermissionVerifier which can be as simple as a wrapper around a PermissionCollection.
This will also be a good opportunity to start to move the role mapping out of the core management model to Elytron.
After that Elytron allows for custom PermissionMapper implementations to be provided and associated with the domain using capabilities and requirements so we arrive at a point where provided the permission checks performed by management are generic enough custom PermissionMapper / PermissionVerifier implementations can be added that may or may not be role based.
_Note: As with everything we are doing old and new need to be supported in parallel for a while although this may be achieved by providing default Elytron implementations that are wrappers around the old._
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
8 years, 5 months
[JBoss JIRA] (ELY-530) Configurable PermissionMapper
by Darran Lofthouse (JIRA)
Darran Lofthouse created ELY-530:
------------------------------------
Summary: Configurable PermissionMapper
Key: ELY-530
URL: https://issues.jboss.org/browse/ELY-530
Project: WildFly Elytron
Issue Type: Feature Request
Components: Permissions
Reporter: Darran Lofthouse
Assignee: Darran Lofthouse
Fix For: 1.1.0.Beta6
This is to provide a simple configurable PermissionMapper implementation that provides a 'reasonable' level of PermissionVerifier functionality predominantly in the form of assigning Permission or PermissionCollections based on matching against the SecurityIdentity / Roles set.
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
8 years, 5 months
[JBoss JIRA] (ELY-529) Aggregate / Logical Permission Mapper
by Darran Lofthouse (JIRA)
Darran Lofthouse created ELY-529:
------------------------------------
Summary: Aggregate / Logical Permission Mapper
Key: ELY-529
URL: https://issues.jboss.org/browse/ELY-529
Project: WildFly Elytron
Issue Type: Feature Request
Components: Permissions
Reporter: Darran Lofthouse
Assignee: Darran Lofthouse
Fix For: 1.1.0.Beta6
The PermissionVerfiers returned by PermissionMapper support chaining logically - we should have PermissionMapper implementations that take the PermisionVerifiers from other PermisionMappers and chain them this way.
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
8 years, 5 months
[JBoss JIRA] (JBVFS-205) File system operations require both java.io.FilePermission and VirtualFilePermission
by Ivo Studensky (JIRA)
Ivo Studensky created JBVFS-205:
-----------------------------------
Summary: File system operations require both java.io.FilePermission and VirtualFilePermission
Key: JBVFS-205
URL: https://issues.jboss.org/browse/JBVFS-205
Project: JBoss VFS
Issue Type: Bug
Affects Versions: 3.2.11.Final, 3.5.0.Alpha1
Reporter: Ivo Studensky
Assignee: Ivo Studensky
Fix For: 3.5.0.Alpha1, 3.2.12.Final
File system operations in org.jboss.vfs.VirtualFile check for VirtualFilePermission and then execute the particular io operation which needs java.io.FilePermission if Security Manager is enabled. Because of this a user has to duplicate each permission on a deployment for both VirtualFilePermission and FilePermission.
It should be enough to check for VirtualFilePermission and execute the io operation inside of the privileged block afterwards.
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
8 years, 5 months
[JBoss JIRA] (WFCORE-1532) Upgrade VFS to 3.2.12.Final
by Ivo Studensky (JIRA)
[ https://issues.jboss.org/browse/WFCORE-1532?page=com.atlassian.jira.plugi... ]
Ivo Studensky moved JBEAP-4557 to WFCORE-1532:
----------------------------------------------
Project: WildFly Core (was: JBoss Enterprise Application Platform)
Key: WFCORE-1532 (was: JBEAP-4557)
Workflow: GIT Pull Request workflow (was: CDW with loose statuses v1)
Component/s: VFS
(was: VFS)
Target Release: (was: 7.backlog.GA)
Affects Version/s: 2.1.0.Final
(was: 7.0.0.GA)
> Upgrade VFS to 3.2.12.Final
> ---------------------------
>
> Key: WFCORE-1532
> URL: https://issues.jboss.org/browse/WFCORE-1532
> Project: WildFly Core
> Issue Type: Component Upgrade
> Components: VFS
> Affects Versions: 2.1.0.Final
> Reporter: Ivo Studensky
> Assignee: Tomaz Cerar
>
> Upgrade VFS to address JBVFS-204.
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
8 years, 5 months
[JBoss JIRA] (JBAS-9578) Enabling/Disabling a Datasource prompts for server restart
by Steven Hawkins (JIRA)
[ https://issues.jboss.org/browse/JBAS-9578?page=com.atlassian.jira.plugin.... ]
Steven Hawkins reassigned JBAS-9578:
------------------------------------
Assignee: (was: Steven Hawkins)
This has been communicated to the Teiid/DV team as the expected behavior - which also affects data source operations we do from the admin api. So I'll forward this over to the JBAS tracker.
> Enabling/Disabling a Datasource prompts for server restart
> ----------------------------------------------------------
>
> Key: JBAS-9578
> URL: https://issues.jboss.org/browse/JBAS-9578
> Project: Application Server 3 4 5 and 6
> Issue Type: Bug
> Environment: Red Hat JBoss Data Virtualization 6.2.4 on EAP patched to version 6.4.6, on Oracle Linux 6
> JBoss Developer Studio 8.1.0GA with Teiid Designer 9.0.6.Final-v20160316-1409-B1242 org.teiid.designer.feature.feature.group JBoss by Red Hat, Inc.
> 64-bit Windows 7 environment
> Reporter: Steve Tran
> Attachments: Capture.PNG
>
>
> When I enable or disable a Datasource in EAP (tested only in domain mode), I get a message that prompts me to restart my server because configurations have changed. This is a new warning because it didn't do this in earlier version of EAP6.4. If I go to the topology screen, none of the servers are marked with the symbol that says it needs to be restarted. If I drill down into the specific node and server, the Datasource was marked as disabled in the UI, so I think it did actually turned off the Datasource correctly.
> I think the prompt is wrong, and should be removed. Also, this might be an EAP bug and not JDV related.
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
8 years, 5 months