[jboss-jira] [JBoss JIRA] (WFLY-2139) ProxyStepHandler/Controller need to check access before attempting to read information
RH Bugzilla Integration (JIRA)
issues at jboss.org
Sun Dec 15 11:14:41 EST 2013
[ https://issues.jboss.org/browse/WFLY-2139?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12931383#comment-12931383 ]
RH Bugzilla Integration commented on WFLY-2139:
-----------------------------------------------
mark yarborough <myarboro at redhat.com> changed the Status of [bug 1011994|https://bugzilla.redhat.com/show_bug.cgi?id=1011994] from VERIFIED to CLOSED
> ProxyStepHandler/Controller need to check access before attempting to read information
> --------------------------------------------------------------------------------------
>
> Key: WFLY-2139
> URL: https://issues.jboss.org/browse/WFLY-2139
> Project: WildFly
> Issue Type: Sub-task
> Security Level: Public(Everyone can see)
> Components: Domain Management, Security
> Reporter: Kabir Khan
> Assignee: Kabir Khan
> Fix For: 8.0.0.Beta1
>
>
> This affects things like recursive :read-resource(-description) :read-children-resources and so on. The problem as it stands is that if you have, say, a host scoped role scoped to host=master, and there is also a slave host controller, and you try to :read-resource(recursive=true,proxies=true), the master will list the slave host controller in its list of child addresses. It will then execute /host=slave:read-resource(recursive=true,proxies=true), which will fail and roll back the tx since the master host scoped role does not have access to that resource.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list