[jboss-jira] [JBoss JIRA] (WFLY-1984) MBeanAttributeInfo#isReadable and MBeanAttributeInfo#isWrittable return always true

Brian Stansberry (JIRA) jira-events at lists.jboss.org
Thu Sep 12 18:08:03 EDT 2013 

    [ https://issues.jboss.org/browse/WFLY-1984?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12804023#comment-12804023 ] 

Brian Stansberry commented on WFLY-1984:
----------------------------------------

The javadoc for these methods says they indicate whether the attribute "can be read" or "can be written" but there is no qualification that the answer is with respect to the current caller. Our current impl is consistent with this.

The MBean spec isn't completely clear on this. I'll get into that in a bit. But, I'd like this to be analogous to the metadata we provide for core management resources, where the "access-type" field in an attribute description describes the attributes inherent nature, with the separate "access-control" metadata providing information about a particular caller's permissions.

For JMX we don't have any equivalent for the "access-control" stuff we add to the read-resource-description output. In the future we could perhaps do this with an implementation of javax.management.Descriptor. But I believe that won't happen for WF 8.0; too late.

The JMX 1.2 spec says, on page 57:

"MBean access is either readable, writable or both. Read access implies that a manager can get the value of this attribute, and write access that it can set its value:
■ The isReadable method will return true if this attribute has a getter method in its MBean interface or if the getAttribute method of the DynamicMBean interface will succeed with this attribute’s name as the parameter; otherwise it will return false.
■ The isWritable method will return true if this attribute has a setter method in its MBean interface or if the setAttribute method of the DynamicMBean interface will succeed with this attribute’s name as a parameter; otherwise it will return false."

It's not clear regarding the context of that "manager can get" "can set" and "will succeed", i.e. whether it means "ever" or "if the current caller instantaneously tries to do this."
                
> MBeanAttributeInfo#isReadable and MBeanAttributeInfo#isWrittable return always true
> -----------------------------------------------------------------------------------
>
>                 Key: WFLY-1984
>                 URL: https://issues.jboss.org/browse/WFLY-1984
>             Project: WildFly
>          Issue Type: Sub-task
>          Components: Domain Management, Security
>            Reporter: Jakub Cechacek
>            Assignee: Kabir Khan
>              Labels: rbac-filed-by-qa
>             Fix For: 8.0.0.CR1
>
>
> According to javadoc [1] these methods should return boolean value based on whether this attribute can be read / written. However currently true is returned even though authenticated user can't perform read / write operation. 
> Note: As I am familiar with JMX spec only very briefly, it is possible that these methods are intended for something bit different. 
> [1] http://docs.oracle.com/javase/7/docs/api/javax/management/MBeanAttributeInfo.html#isReadable()

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the jboss-jira mailing list