[jboss-jira] [JBoss JIRA] (WFLY-1980) Revisit priviledges for /core-service=management/access=authorization
Heiko Braun (JIRA)
jira-events at lists.jboss.org
Mon Sep 2 06:53:03 EDT 2013
Heiko Braun created WFLY-1980:
---------------------------------
Summary: Revisit priviledges for /core-service=management/access=authorization
Key: WFLY-1980
URL: https://issues.jboss.org/browse/WFLY-1980
Project: WildFly
Issue Type: Bug
Components: Domain Management
Reporter: Heiko Braun
Assignee: Brian Stansberry
It seems the access control resources (/core-service=management/access=authorization) are addressable by the monitor role:
{noformat}
[standalone at localhost:9990 /] /core-service=management/access=authorization:read-resource(){roles=monitor}
{
"outcome" => "success",
"result" => {
"provider" => "simple",
"use-realm-roles" => false,
"constraint" => {
"application-classification" => undefined,
"sensitivity-classification" => undefined,
"vault-expression" => undefined
},
"role-mapping" => {"SuperUser" => undefined}
}
}
{noformat}
I think it should be 'addressable=false' for anybody except SuperUser and Administrator
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list