[jboss-jira] [JBoss JIRA] (WFLY-1818) Allow ModelControllerClient configurations to disable the JBOSS_LOCAL_USER SASL mechanism
Brian Stansberry (JIRA)
jira-events at lists.jboss.org
Sun Aug 4 17:17:26 EDT 2013
[ https://issues.jboss.org/browse/WFLY-1818?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Brian Stansberry updated WFLY-1818:
-----------------------------------
Summary: Allow ModelControllerClient configurations to disable the JBOSS_LOCAL_USER SASL mechanism (was: All ModelControllerClient configurations to disable the JBOSS_LOCAL_USER SASL mechanism)
> Allow ModelControllerClient configurations to disable the JBOSS_LOCAL_USER SASL mechanism
> -----------------------------------------------------------------------------------------
>
> Key: WFLY-1818
> URL: https://issues.jboss.org/browse/WFLY-1818
> Project: WildFly
> Issue Type: Sub-task
> Components: Domain Management
> Reporter: Brian Stansberry
> Assignee: Brian Stansberry
> Fix For: 8.0.0.Alpha4
>
>
> The ModelControllerClient ClientConfiguration interface allows passing in a "saslOptions" map, which gets passed to xnio. Remoting also supports an "Options.SASL_DISALLOWED_MECHANISMS" Option but does not look to the saslOptions map for that. This makes it difficult for a ModelControllerClient user to disallow a mechanism, specifically JBOSS_LOCAL_USER.
> This makes building integration tests for RBAC very difficult, since the JBOSS_LOCAL_USER mechanism will get preference, the desired user account will not be used, and the intended role mapping will not occur.
> Intended fix is to have ProtocolConnectionUtils, which sets up the remoting OptionMap, look for a "SASL_DISALLOWED_MECHANISMS" key in saslOptions and if found set up the Remoting Option.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list