[jboss-jira] [JBoss JIRA] (WFLY-2037) Login as user with no role assigned leads to 500 error page
Darran Lofthouse (JIRA)
jira-events at lists.jboss.org
Tue Sep 10 11:54:04 EDT 2013
[ https://issues.jboss.org/browse/WFLY-2037?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12803186#comment-12803186 ]
Darran Lofthouse commented on WFLY-2037:
----------------------------------------
WFLY-1895 and WFLY-2037 are very closely related overall I think the following changes should be made: -
1 - If a user has no roles assigned the HTTP server should be returning a HTTP 403 response to indicate permission has been denied, need to take into account that future access control providers may not be role based when implementing this.
2 - Enhance the role mapping configuration with a default role to be assigned to all authenticated callers if no other roles are assigned. That potentially even eliminates the need for the 'simple' access control provider.
> Login as user with no role assigned leads to 500 error page
> -----------------------------------------------------------
>
> Key: WFLY-2037
> URL: https://issues.jboss.org/browse/WFLY-2037
> Project: WildFly
> Issue Type: Sub-task
> Components: Domain Management
> Reporter: Jakub Cechacek
> Assignee: Brian Stansberry
> Labels: rbac-filed-by-qa
> Fix For: 8.0.0.Beta1
>
>
> Some message other than the default 500 error page should be displayed in such case.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list