[jboss-jira] [JBoss JIRA] (WFLY-1895) Provide a "default" role for users with no other role specified
Brian Stansberry (JIRA)
jira-events at lists.jboss.org
Thu Sep 19 08:41:03 EDT 2013
[ https://issues.jboss.org/browse/WFLY-1895?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12805783#comment-12805783 ]
Brian Stansberry commented on WFLY-1895:
----------------------------------------
WFLY-2037 adds the 403 response code when the request is unauthorized. WLFY-2068 adds the "include-all" notion, which is the mechanism we will use for providing a kind of default role.
What I see left for this issue is just the case where no security realm is configured on the management interfaces; making sure that is handled cleanly.
> Provide a "default" role for users with no other role specified
> ---------------------------------------------------------------
>
> Key: WFLY-1895
> URL: https://issues.jboss.org/browse/WFLY-1895
> Project: WildFly
> Issue Type: Sub-task
> Components: Domain Management, Security
> Reporter: Jakub Cechacek
> Assignee: Brian Stansberry
> Labels: rbac-filed-by-qa
> Fix For: 8.0.0.CR1
>
>
> Currently it seems that when using RBAC provider users with no defined role are unable to read domain model at all. Consequently logging into Admin Console leads to 500 error page. Similar errors in CLI.
> In relation to this, it should be considered what is the expected behavior of unsecured management interface.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list