[
https://issues.jboss.org/browse/WFCORE-2614?page=com.atlassian.jira.plugi...
]
Darran Lofthouse commented on WFCORE-2614:
------------------------------------------
Discussed with Brian, we do need to add an additional step to verify no duplicates to
allow for composite operations.
Additionally we previously added support to verify the default realm is within the list of
referenced realms, this should also be in an additional step so both can be added to a
dedicated op at the end of Stage.MODEL and verified together.
Elytron SecurityRealm included more times in a SecurityDomain breaks
the domain service
---------------------------------------------------------------------------------------
Key: WFCORE-2614
URL:
https://issues.jboss.org/browse/WFCORE-2614
Project: WildFly Core
Issue Type: Bug
Components: Security
Affects Versions: 3.0.0.Beta12
Reporter: Darran Lofthouse
Assignee: Darran Lofthouse
Priority: Critical
Labels: eap71_beta, management-model, security-domain
Fix For: 3.0.0.Beta13
Elytron subsystem allows to add the same realm more times into a single security domain.
Nevertheless in such case domain stops to work with following error message:
{noformat}
16:14:17,411 ERROR [org.jboss.as.controller.management-operation] (ServerService Thread
Pool -- 54) WFLYCTL0013: Operation ("add") failed - address: ([
("subsystem" => "elytron"),
("security-domain" => "ManagementDomain")
]) - failure description: "WFLYELY00002: Can not inject the same realm
'local' in a single security domain."
{noformat}
If such the changed domain is ManagementDomain, then the server stops to start at all.
*Suggested fix*
* either allow to have the same realm in a security domain more times
* or check for duplicate realms already when adding/changing the domain
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)