[jboss-jira] [JBoss JIRA] (WFLY-2040) RBAC + JMX: auditor can't read sensitive non-core MBeans

Kabir Khan (JIRA) jira-events at lists.jboss.org
Wed Sep 11 13:07:04 EDT 2013 

    [ https://issues.jboss.org/browse/WFLY-2040?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12803614#comment-12803614 ] 

Kabir Khan commented on WFLY-2040:
----------------------------------

I rebuilt remoting jmx, and the problem seems to be REMJMX-68 for which I opened https://github.com/jbossas/remoting-jmx/pull/11.

This will change things a bit for your tests since authorization failures throw an MBeanRuntimeException on the server, which was incorrectly propagated as IOException. 
                
> RBAC + JMX: auditor can't read sensitive non-core MBeans
> --------------------------------------------------------
>
>                 Key: WFLY-2040
>                 URL: https://issues.jboss.org/browse/WFLY-2040
>             Project: WildFly
>          Issue Type: Sub-task
>          Components: Domain Management, JMX
>            Reporter: Ladislav Thon
>            Assignee: Kabir Khan
>              Labels: rbac-filed-by-qa
>
> If I set non-core MBeans to be sensitive, like
> {code:xml}
> <subsystem xmlns="urn:jboss:domain:jmx:1.3">
>     <expose-resolved-model/>
>     <expose-expression-model/>
>     <remoting-connector/>
>     <sensitivity non-core-mbeans="true"/>
> </subsystem>
> {code}
> then I expect all roles that can read sensitive data (administrator, auditor, superuser) to be able to read non-core MBeans too. This is currently broken, as only administrator and superuser can read non-core MBeans, auditor cannot. I have a test case for this that I will submit later, but the important part is:
> {code}
> boolean successExpected = ...; // 'true' for auditor
> MBeanServerConnection connection = ...;
> ObjectName domain = new ObjectName("java.lang:type=OperatingSystem");
> try {
>     Object attribute = connection.getAttribute(domain, "Name");
>     assertTrue("Failure was expected", successExpected);
>     assertEquals(System.getProperty("os.name"), attribute.toString());
> } catch (IOException e) {
>     if (e.getCause() instanceof RuntimeMBeanException && e.getCause().getMessage().contains("11360")) {
>         assertFalse("Success was expected but failure happened: " + e, successExpected);
>     } else {
>         throw e;
>     }
> }
> {code}
> Please note that I'm speaking about _reading_ sensitive data, which, if I understand correctly, auditor _can_ do.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the jboss-jira mailing list