[jboss-jira] [JBoss JIRA] (WFLY-2040) RBAC + JMX: auditor can't read sensitive non-core MBeans
Ladislav Thon (JIRA)
jira-events at lists.jboss.org
Wed Sep 11 06:41:03 EDT 2013
[ https://issues.jboss.org/browse/WFLY-2040?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12803441#comment-12803441 ]
Ladislav Thon commented on WFLY-2040:
-------------------------------------
[~kabirkhan] Here you go: https://github.com/Ladicek/wildfly/tree/rbac-jmx-wip
The main classes are {{AbstractJmxNonCoreMBeansSensitivityTestCase}} and its subclasses ({{JmxNonSensitiveTestCase}} for the situation where non-core MBeans are _not_ sensitive, using normal {{standalone.xml}}, and {{JmxSensitiveTestCase}} for situation where non-core MBeans _are_ sensitive, using a special {{jmx-sensitivity-standalone.xml}}).
Note that there is a lot more in this test than this particular issue. The calls to {{writeOperation}} and {{extraSensitiveOperation}} inside the {{test}} method are commented out, because they do not work (though I believe they should; if you could take a look, that would be great).
Please do not (try to) merge this branch, I don't intend to submit it in this form. Thanks.
> RBAC + JMX: auditor can't read sensitive non-core MBeans
> --------------------------------------------------------
>
> Key: WFLY-2040
> URL: https://issues.jboss.org/browse/WFLY-2040
> Project: WildFly
> Issue Type: Sub-task
> Components: Domain Management, JMX
> Reporter: Ladislav Thon
> Assignee: Kabir Khan
> Labels: rbac-filed-by-qa
>
> If I set non-core MBeans to be sensitive, like
> {code:xml}
> <subsystem xmlns="urn:jboss:domain:jmx:1.3">
>     <expose-resolved-model/>
>     <expose-expression-model/>
>     <remoting-connector/>
>     <sensitivity non-core-mbeans="true"/>
> </subsystem>
> {code}
> then I expect all roles that can read sensitive data (administrator, auditor, superuser) to be able to read non-core MBeans too. This is currently broken, as only administrator and superuser can read non-core MBeans, auditor cannot. I have a test case for this that I will submit later, but the important part is:
> {code}
> boolean successExpected = ...; // 'true' for auditor
> MBeanServerConnection connection = ...;
> ObjectName domain = new ObjectName("java.lang:type=OperatingSystem");
> try {
>     Object attribute = connection.getAttribute(domain, "Name");
>     assertTrue("Failure was expected", successExpected);
>     assertEquals(System.getProperty("os.name"), attribute.toString());
> } catch (IOException e) {
>     if (e.getCause() instanceof RuntimeMBeanException && e.getCause().getMessage().contains("11360")) {
>         assertFalse("Success was expected but failure happened: " + e, successExpected);
>     } else {
>         throw e;
>     }
> }
> {code}
> Please note that I'm speaking about _reading_ sensitive data, which, if I understand correctly, auditor _can_ do.
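The check the issue describes, written out as a self-contained Java example (added here; it is not the reporter's test case and not WildFly code). It reuses the issue's own convention that a RuntimeMBeanException carrying the "11360" code means an RBAC denial, turns the expectation into a per-role table, and classifies a read as ALLOWED, DENIED or an unrelated ERROR. The Monitor row is an assumption added for contrast; the three roles the issue names are taken from the text. The main method runs against the in-process platform MBeanServer, which has no RBAC, so it only illustrates the classification; against a WildFly remoting connector the MBeanServerConnection would be obtained per role.

```java
import java.io.IOException;
import java.lang.management.ManagementFactory;
import java.util.LinkedHashMap;
import java.util.Map;
import javax.management.MBeanServerConnection;
import javax.management.ObjectName;
import javax.management.RuntimeMBeanException;

public class SensitiveMBeanReadCheck {

    enum Outcome { ALLOWED, DENIED }

    // Roles expected to be able to read sensitive non-core MBeans (from the issue).
    // Monitor is an assumed example of a role that should be denied.
    static final Map<String, Boolean> EXPECTED_READ = new LinkedHashMap<>();
    static {
        EXPECTED_READ.put("Administrator", true);
        EXPECTED_READ.put("Auditor", true);
        EXPECTED_READ.put("SuperUser", true);
        EXPECTED_READ.put("Monitor", false); // assumption, not stated in the issue
    }

    // Reads one attribute and classifies the result the way the issue's snippet does:
    // a RuntimeMBeanException whose message contains the 11360 code is an RBAC denial;
    // any other failure is propagated as an unrelated error.
    static Outcome readAttribute(MBeanServerConnection conn, ObjectName name, String attr) throws Exception {
        try {
            conn.getAttribute(name, attr);
            return Outcome.ALLOWED;
        } catch (IOException e) {
            // Remote connections wrap the server-side exception in an IOException.
            Throwable cause = e.getCause();
            if (isRbacDenial(cause)) {
                return Outcome.DENIED;
            }
            throw e;
        } catch (RuntimeMBeanException e) {
            // A local MBeanServer raises the exception directly, unwrapped.
            if (isRbacDenial(e)) {
                return Outcome.DENIED;
            }
            throw e;
        }
    }

    static boolean isRbacDenial(Throwable t) {
        return t instanceof RuntimeMBeanException
            && t.getMessage() != null
            && t.getMessage().contains("11360");
    }

    // True when the observed outcome matches what the role table says for that role.
    static boolean matchesExpectation(String role, Outcome actual) {
        boolean expected = EXPECTED_READ.getOrDefault(role, false);
        return expected ? actual == Outcome.ALLOWED : actual == Outcome.DENIED;
    }

    public static void main(String[] args) throws Exception {
        // The platform MBeanServer enforces no RBAC, so the read is always ALLOWED here;
        // rows whose role is expected to be denied will therefore show MISMATCH locally.
        MBeanServerConnection conn = ManagementFactory.getPlatformMBeanServer();
        ObjectName os = new ObjectName("java.lang:type=OperatingSystem");
        Outcome outcome = readAttribute(conn, os, "Name");
        for (Map.Entry<String, Boolean> row : EXPECTED_READ.entrySet()) {
            System.out.printf("%-14s expected=%-5s actual=%-7s -> %s%n",
                row.getKey(), row.getValue(), outcome,
                matchesExpectation(row.getKey(), outcome) ? "OK" : "MISMATCH");
        }
    }
}
```

Against a real WildFly instance, one connection per role (each authenticated as a user mapped to that role) fed through readAttribute would produce the matrix the issue expects; the bug report is exactly that the Auditor row comes back DENIED instead of ALLOWED.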