Brian Stansberry created WFLY-2444: -------------------------------------- Summary: Missing filtering response header from type=*:read-resource Key: WFLY-2444 URL: https://issues.jboss.org/browse/WFLY-2444 Project: WildFly Issue Type: Sub-task Security Level: Public (Everyone can see) Components: Domain Management Affects Versions: 8.0.0.Beta1 Reporter: Brian Stansberry Assignee: Brian Stansberry Fix For: 8.0.0.CR1 No indication that data was filtered when running read-resource against a wildcard address. [standalone@localhost:9990 /] /core-service=management/security-realm=*:read-resource{roles=Monitor} { "outcome" => "success", "result" => [] } If you make a non-addressable resource addressable, but still non-readable, you get the same result: [standalone@localhost:9990 /] /subsystem=security/security-domain=*:read-resource{roles=Monitor} { "outcome" => "success", "result" => [] } This latter condition is more problematic, as the user has no clue that some security-domains exist but no data was provided, even though the user has the right to know about their existence. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira