Permission added using list-add should be validated before adding to Elytron constant-permission-mapper or simple-permission-mapper ----------------------------------------------------------------------------------------------------------------------------------- Key: WFCORE-2401 URL: https://issues.jboss.org/browse/WFCORE-2401 Project: WildFly Core Issue Type: Bug Components: Security Affects Versions: 3.0.0.Beta7 Reporter: Ondrej Kotek Assignee: Darran Lofthouse Labels: user_experience Permission object added using {{list-add}} operation should be validated before being added to {{constant-permission-mapper}} or {{simple-permission-mapper}}. The reproducer should behave like {noformat} [standalone@localhost:9990 /] /subsystem=elytron/constant-permission-mapper=cpm:add(permissions=[{class-name=java.io.FilePermission}]) { "outcome" => "failed", "failure-description" => { "WFLYCTL0080: Failed services" => {"org.wildfly.security.permission-mapper.cpm" => "org.jboss.msc.service.StartException in service org.wildfly.security.permission-mapper.cpm: WFLYELY00021: Exception while creating the permission object for the permission mapping. Please check [class-name], [target-name] (name of permission) and [action] of [java.io.FilePermission]. Caused by: java.lang.IllegalArgumentException: invalid actions mask"}, "WFLYCTL0412: Required services that are not installed:" => ["org.wildfly.security.permission-mapper.cpm"], "WFLYCTL0180: Services with missing/unavailable dependencies" => undefined }, "rolled-back" => true } {noformat}