[infinispan-issues] [JBoss JIRA] (ISPN-10219) security session doc with wrong declarative configuration

Ryan Emerson (Jira) issues at jboss.org
Wed May 22 11:42:00 EDT 2019 

     [ https://issues.jboss.org/browse/ISPN-10219?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Ryan Emerson updated ISPN-10219:
--------------------------------
    Fix Version/s: 10.0.0.Beta4
                   9.4.14.Final


> security session doc with wrong declarative configuration
> ---------------------------------------------------------
>
>                 Key: ISPN-10219
>                 URL: https://issues.jboss.org/browse/ISPN-10219
>             Project: Infinispan
>          Issue Type: Bug
>          Components: Documentation-Core, Security
>    Affects Versions: 9.4.13.Final
>            Reporter: Gustavo Lira e Silva
>            Assignee: Gustavo Lira e Silva
>            Priority: Major
>             Fix For: 10.0.0.Beta4, 9.4.14.Final
>
>
> Session 23.1.3. Embedded Configuration has some wrong declarative configurations.
> The following declarative configuration has some errors:
> {code:xml}
> <cache-container default-cache="secured">
>    <security>
>       <authorization enabled="true">
>          <identity-role-mapper />
>          <role name="admin" permissions="ALL" />
>          <role name="reader" permissions="READ" />
>          <role name="writer" permissions="WRITE" />
>          <role name="supervisor" permissions="READ WRITE EXEC BULK" />
>       </authorization>
>    </security>
>    <local-cache name="secured">
>       <security>
>          <authorization roles="admin reader writer supervisor" />
>       </security>
>    </local-cache>
> </cache-container>
> {code}
> # name attribute is mandatory into cache-container
> # 'enabled' isn't an allowed attribute for the 'authorization' element. The 'authorization' element doesn't allow any attributes
> # There's no permission BULK
> The XML should be like this:
> {code:xml}
> <cache-container name="secure" default-cache="secured">
>    <security>
>       <authorization>
>          <identity-role-mapper />
>          <role name="admin" permissions="ALL" />
>          <role name="reader" permissions="READ" />
>          <role name="writer" permissions="WRITE" />
>          <role name="supervisor" permissions="READ WRITE EXEC" />
>       </authorization>
>    </security>
>    <local-cache name="secured">
>       <security>
>          <authorization roles="admin reader writer supervisor" />
>       </security>
>    </local-cache>
> </cache-container>
> {code}



--
This message was sent by Atlassian Jira
(v7.12.1#712002)

More information about the infinispan-issues mailing list