[jboss-jira] [JBoss JIRA] (WFLY-2040) RBAC + JMX: auditor can't read sensitive non-core MBeans
Kabir Khan (JIRA)
jira-events at lists.jboss.org
Thu Sep 12 13:06:03 EDT 2013
[ https://issues.jboss.org/browse/WFLY-2040?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12803975#comment-12803975 ]
Kabir Khan commented on WFLY-2040:
----------------------------------
I have made the original fix in my rbac-jmx-WFLY-2040 branch. My rbac-jmx-WFLY-2040-with-temp-tests contains your tests along with the changes needed to make the operations test work. Part of that are some fixes in remoting jmx to make it work, which is currently a snapshot. You can build that snapshot from https://github.com/kabir/remoting-jmx/commits/clear-subject-before-cl. I think Darran is planning on merging and releasing another CR tomorrow (Friday).
> RBAC + JMX: auditor can't read sensitive non-core MBeans
> --------------------------------------------------------
>
> Key: WFLY-2040
> URL: https://issues.jboss.org/browse/WFLY-2040
> Project: WildFly
> Issue Type: Sub-task
> Components: Domain Management, JMX
> Reporter: Ladislav Thon
> Assignee: Kabir Khan
> Labels: rbac-filed-by-qa
>
> If I set non-core MBeans to be sensitive, like
> {code:xml}
> <subsystem xmlns="urn:jboss:domain:jmx:1.3">
>     <expose-resolved-model/>
>     <expose-expression-model/>
>     <remoting-connector/>
>     <sensitivity non-core-mbeans="true"/>
> </subsystem>
> {code}
> then I expect all roles that can read sensitive data (administrator, auditor, superuser) to be able to read non-core MBeans too. This is currently broken, as only administrator and superuser can read non-core MBeans, auditor cannot. I have a test case for this that I will submit later, but the important part is:
> {code}
> boolean successExpected = ...; // 'true' for auditor
> MBeanServerConnection connection = ...;
> ObjectName domain = new ObjectName("java.lang:type=OperatingSystem");
> try {
>     Object attribute = connection.getAttribute(domain, "Name");
>     assertTrue("Failure was expected", successExpected);
>     assertEquals(System.getProperty("os.name"), attribute.toString());
> } catch (IOException e) {
>     if (e.getCause() instanceof RuntimeMBeanException && e.getCause().getMessage().contains("11360")) {
>         assertFalse("Success was expected but failure happened: " + e, successExpected);
>     } else {
>         throw e;
>     }
> }
> {code}
> Please note that I'm speaking about _reading_ sensitive data, which, if I understand correctly, auditor _can_ do.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
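The check below is an added example, not code from the issue or from WildFly: it generalizes the reporter's single-role test to every standard RBAC role, reading a non-core platform MBean as each user and comparing the outcome with the expectation stated in the issue (only administrator, auditor and superuser succeed when non-core MBeans are sensitive). It assumes one management user per role named after that role, a shared placeholder password, and a remoting-jmx endpoint at localhost:9999; the 11360 error-code match is the same one the reporter's test uses.

```java
import java.io.IOException;
import java.util.HashMap;
import java.util.Map;
import javax.management.MBeanServerConnection;
import javax.management.ObjectName;
import javax.management.RuntimeMBeanException;
import javax.management.remote.JMXConnector;
import javax.management.remote.JMXConnectorFactory;
import javax.management.remote.JMXServiceURL;

public class SensitiveMBeanReadCheck {

    // Assumption: a management user per role, named like the role, all with this password.
    static final String[] ROLES = {"monitor", "operator", "maintainer", "deployer",
                                   "administrator", "auditor", "superuser"};
    static final String PASSWORD = "password-placeholder";
    // Assumption: remoting-jmx endpoint of the server under test.
    static final String URL = "service:jmx:remoting-jmx://localhost:9999";

    // Expectation from WFLY-2040: roles that may read sensitive data.
    static boolean canReadSensitive(String role) {
        return role.equals("administrator") || role.equals("auditor") || role.equals("superuser");
    }

    // Returns true if the read succeeded, false if RBAC rejected it (error code 11360),
    // and rethrows anything else (connection failure, unexpected error).
    static boolean tryRead(String user) throws Exception {
        Map<String, Object> env = new HashMap<>();
        env.put(JMXConnector.CREDENTIALS, new String[]{user, PASSWORD});
        try (JMXConnector connector = JMXConnectorFactory.connect(new JMXServiceURL(URL), env)) {
            MBeanServerConnection conn = connector.getMBeanServerConnection();
            conn.getAttribute(new ObjectName("java.lang:type=OperatingSystem"), "Name");
            return true;
        } catch (IOException e) {
            if (e.getCause() instanceof RuntimeMBeanException
                    && e.getCause().getMessage().contains("11360")) {
                return false;
            }
            throw e;
        }
    }

    public static void main(String[] args) throws Exception {
        for (String role : ROLES) {
            boolean expected = canReadSensitive(role);
            boolean actual = tryRead(role);
            System.out.printf("%-14s expected=%-5s actual=%-5s %s%n",
                              role, expected, actual, expected == actual ? "OK" : "MISMATCH");
        }
    }
}
```

On a server with the bug described above, the auditor row is the one that reports MISMATCH (expected=true, actual=false).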