[
https://issues.redhat.com/browse/WFCORE-5079?page=com.atlassian.jira.plug...
]
Darran Lofthouse commented on WFCORE-5079:
------------------------------------------
core-tools as a layer is usable without the management interfaces, the motivation to add
the core-tools layer could be to be able to use either add-user or elytron-tool - both of
which only operate on the local filesystem.
If the main issue here is executing the CLI then there should be no problem with the
management interfaces being secured as we already support local authentication for the CLI
to be able to authenticate against the local server.
Adjust management layers to be secured by Elytron or legacy security
only
-------------------------------------------------------------------------
Key: WFCORE-5079
URL:
https://issues.redhat.com/browse/WFCORE-5079
Project: WildFly Core
Issue Type: Task
Components: Build System, Management
Reporter: Darran Lofthouse
Assignee: Darran Lofthouse
Priority: Major
Fix For: 13.0.0.Beta5, 13.0.0.Final
At the moment it is only in the documentation that it is unsecured, a list of layers
could be created similar to:
{code:xml}
<configs>
<config>
<name>standalone.xml</name>
<model>standalone</model>
<layers>
<layer>management</layer>
<layer>remoting</layer>
<layer>elytron</layer>
<layer>web-server</layer>
</layers>
</config>
{code}
From a code review of a snippet like this unless the documentation is cross referenced
nothing looks out of place, if instead management was renamed unsecured-management it
would be obvious in a review.
The following gist diff show the effect each of the three management layers presently has
on the configuration.
* management -
https://gist.github.com/darranl/e9f1c5a943684ce124c35638e376644f/revision...
* secure-management -
https://gist.github.com/darranl/e9f1c5a943684ce124c35638e376644f/revision...
* legacy-management -
https://gist.github.com/darranl/e9f1c5a943684ce124c35638e376644f/revision...
--
This message was sent by Atlassian Jira
(v7.13.8#713008)