2:13 p.m.
Brian Stansberry created WFCORE-1028:
----------------------------------------
Summary: Poor handling of invalid roles
Key: WFCORE-1028
URL: https://issues.jboss.org/browse/WFCORE-1028
Project: WildFly Core
Issue Type: Bug
Components: Domain Management
Affects Versions: 2.0.0.CR5
Reporter: Brian Stansberry
A CLI request with an invalid value in the "roles" header results in improper
behavior:
{code}
[domain@localhost:9990 /] /host=*:read-resource{roles=slave-monitor}
{
"outcome" => "failed",
"result" => [],
"rolled-back" => true
}
{code}
The op should fail because the role doesn't exist, but there is no
failure-description.
The following is dumped in the HC log:
{code}
[Host Controller] 12:22:12,314 ERROR [org.jboss.as.controller.management-operation]
(management-handler-thread - 3) WFLYCTL0013: Operation ("resolve") failed -
address: ([]): java.lang.IllegalArgumentException: WFLYCTL0327: Unknown role
'slave-monitor'
[Host Controller] at
org.jboss.as.controller.access.rbac.StandardRoleMapper.canRunAs(StandardRoleMapper.java:95)
[Host Controller] at
org.jboss.as.controller.access.rbac.RunAsRoleMapper.mapRoles(RunAsRoleMapper.java:143)
[Host Controller] at
org.jboss.as.controller.access.rbac.RunAsRoleMapper.mapRoles(RunAsRoleMapper.java:71)
[Host Controller] at
org.jboss.as.controller.access.rbac.DefaultPermissionFactory.getUserPermissions(DefaultPermissionFactory.java:109)
[Host Controller] at
org.jboss.as.controller.access.permission.ManagementPermissionAuthorizer.authorize(ManagementPermissionAuthorizer.java:91)
[Host Controller] at
org.jboss.as.controller.access.management.DelegatingConfigurableAuthorizer.authorize(DelegatingConfigurableAuthorizer.java:99)
[Host Controller] at
org.jboss.as.controller.OperationContextImpl.getBasicAuthorizationResponse(OperationContextImpl.java:1753)
[Host Controller] at
org.jboss.as.controller.OperationContextImpl.authorize(OperationContextImpl.java:1651)
[Host Controller] at
org.jboss.as.controller.OperationContextImpl.readResourceFromRoot(OperationContextImpl.java:833)
[Host Controller] at
org.jboss.as.controller.OperationContextImpl.readResource(OperationContextImpl.java:818)
[Host Controller] at
org.jboss.as.controller.operations.global.GlobalOperationHandlers$ModelAddressResolver.execute(GlobalOperationHandlers.java:402)
[Host Controller] at
org.jboss.as.controller.operations.global.GlobalOperationHandlers$ModelAddressResolver.execute(GlobalOperationHandlers.java:306)
[Host Controller] at
org.jboss.as.controller.AbstractOperationContext.executeStep(AbstractOperationContext.java:890)
[Host Controller] at
org.jboss.as.controller.AbstractOperationContext.processStages(AbstractOperationContext.java:659)
[Host Controller] at
org.jboss.as.controller.AbstractOperationContext.executeOperation(AbstractOperationContext.java:370)
[Host Controller] at
org.jboss.as.controller.OperationContextImpl.executeOperation(OperationContextImpl.java:1336)
[Host Controller] at
org.jboss.as.controller.ModelControllerImpl.internalExecute(ModelControllerImpl.java:391)
[Host Controller] at
org.jboss.as.controller.ModelControllerImpl.execute(ModelControllerImpl.java:217)
[Host Controller] at
org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler.doExecute(ModelControllerClientOperationHandler.java:207)
[Host Controller] at
org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler.access$300(ModelControllerClientOperationHandler.java:129)
[Host Controller] at
org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler$1$1.run(ModelControllerClientOperationHandler.java:151)
[Host Controller] at
org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler$1$1.run(ModelControllerClientOperationHandler.java:147)
[Host Controller] at java.security.AccessController.doPrivileged(Native Method)
[Host Controller] at javax.security.auth.Subject.doAs(Subject.java:422)
[Host Controller] at
org.jboss.as.controller.AccessAuditContext.doAs(AccessAuditContext.java:92)
[Host Controller] at
org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler$1.execute(ModelControllerClientOperationHandler.java:147)
[Host Controller] at
org.jboss.as.protocol.mgmt.AbstractMessageHandler$2$1.doExecute(AbstractMessageHandler.java:299)
[Host Controller] at
org.jboss.as.protocol.mgmt.AbstractMessageHandler$AsyncTaskRunner.run(AbstractMessageHandler.java:519)
[Host Controller] at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
[Host Controller] at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
[Host Controller] at java.lang.Thread.run(Thread.java:745)
[Host Controller] at org.jboss.threads.JBossThread.run(JBossThread.java:320)
{code}
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
3370
days inactive
3370
days old
0 comments
1 participants
participants (1)
-
Brian Stansberry (JIRA)