[
https://issues.redhat.com/browse/WFWIP-316?page=com.atlassian.jira.plugin...
]
Jean Francois Denise commented on WFWIP-316:
--------------------------------------------
I am questioning myself on this test. By default, the CLI allows unsecure local access.
The test provides --no-local-auth to disable this local access and expects to successfully
connect when no password is set. I would be ok to fix the SASL access, but shouldn't
we keep it secured and just allow local access for the CLI? So fix the test to not use
--no-local-auth when no password is set?
Different behaviour of ADMIN_PASSWORD and securing management
interface
-----------------------------------------------------------------------
Key: WFWIP-316
URL:
https://issues.redhat.com/browse/WFWIP-316
Project: WildFly WIP
Issue Type: Bug
Components: OpenShift
Reporter: Martin Choma
Assignee: Jeff Mesnil
Priority: Major
With XP image started to fail test where {{ADMIN_PASSWORD}} env var is empty. Because
test is expecting management interface to be unsecured in that case. But this does not
happen and management interface is secured with SASL authentication factory. Test is using
CLI so it is SASL which is used for accessing management interface.
Seems in other images CD, 7.3.0.GA (with legacy security in place) when
{{ADMIN_PASSWORD}} was empty management interface was left unsecured.
Seems to me we should be consistent between legacy security and Elytron approach of
securing OpenShift images.
--
This message was sent by Atlassian Jira
(v7.13.8#713008)