[jboss-jira] [JBoss JIRA] (WFLY-2024) Scoped roles base on SuperUser should not be allowed
Jakub Cechacek (JIRA)
jira-events at lists.jboss.org
Mon Sep 9 04:33:03 EDT 2013
[ https://issues.jboss.org/browse/WFLY-2024?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12802667#comment-12802667 ]
Jakub Cechacek commented on WFLY-2024:
--------------------------------------
The reason why I'd opened this issue is that these roles didn't work for me in admin console (lack of host/group permission). After reading this I've tried it also in CLI and it seems to be working as expected. I will ask Heiko about it when he gets online and fill a HAL issue.
Thanks for providing some insight Brian.
> Scoped roles base on SuperUser should not be allowed
> -----------------------------------------------------
>
> Key: WFLY-2024
> URL: https://issues.jboss.org/browse/WFLY-2024
> Project: WildFly
> Issue Type: Sub-task
> Components: Domain Management, Security
> Reporter: Jakub Cechacek
> Labels: rbac-filed-by-qa
> Fix For: 8.0.0.CR1
>
>
> It should not be possible to create scoped roles with SuperUser used as the base role. These roles currently don't have any permission to operate over Server Group / Host anyway and having such role doesn't make sense (as restricted superuser is not a superuser).
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list