]
Darran Lofthouse commented on WFCORE-3421:
------------------------------------------
If setting it to the default value causes an error maybe we should just handle this within
the domain management validation, this sounds like something easy to trigger elsewhere in
the management model without adding custom validators all over the place.
Alternatively maybe just accept setting this without an outflow domain means the attribute
is ignored - no harm done so is the maintenance of an additional validator providing any
real value?
Incorrect usage of requires for defining the relationship between
outflow-anonymous and outflow-security-domains
----------------------------------------------------------------------------------------------------------------
Key: WFCORE-3421
URL:
https://issues.jboss.org/browse/WFCORE-3421
Project: WildFly Core
Issue Type: Bug
Components: Security
Affects Versions: 4.0.0.Alpha2
Reporter: ehsavoie Hugonnet
If outflow-anonymous is set to false then there is no need for outflow-security-domains
as the default configuration shows clearly.
So
/subsystem=elytron/security-domain=ApplicationDomain:add(default-realm=ApplicationRealm,outflow-anonymous=false,realms=[{realm=ApplicationRealm,role-decoder=groups-to-roles}])
should work like
/subsystem=elytron/security-domain=ApplicationDomain:add(default-realm=ApplicationRealm,realms=[{realm=ApplicationRealm,role-decoder=groups-to-roles}])
A custom validation code is required instead of relying on the setRequires of
SimpleAttributeDefinition