[jboss-jira] [JBoss JIRA] (WFLY-2139) ProxyStepHandler/Controller need to check access before attempting to read information
RH Bugzilla Integration (JIRA)
jira-events at lists.jboss.org
Mon Sep 23 23:27:45 EDT 2013
[ https://issues.jboss.org/browse/WFLY-2139?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12806767#comment-12806767 ]
RH Bugzilla Integration commented on WFLY-2139:
-----------------------------------------------
Brian Stansberry <brian.stansberry at redhat.com> changed the Status of [bug 1010672|https://bugzilla.redhat.com/show_bug.cgi?id=1010672] from NEW to MODIFIED
> ProxyStepHandler/Controller need to check access before attempting to read information
> --------------------------------------------------------------------------------------
>
> Key: WFLY-2139
> URL: https://issues.jboss.org/browse/WFLY-2139
> Project: WildFly
> Issue Type: Sub-task
> Components: Domain Management, Security
> Reporter: Kabir Khan
> Assignee: Kabir Khan
> Fix For: 8.0.0.CR1
>
>
> This affects things like recursive :read-resource(-description) :read-children-resources and so on. The problem as it stands is that if you have, say, a host scoped role scoped to host=master, and there is also a slave host controller, and you try to :read-resource(recursive=true,proxies=true), the master will list the slave host controller in its list of child addresses. It will then execute /host=slave:read-resource(recursive=true,proxies=true), which will fail and roll back the tx since the master host scoped role does not have access to that resource.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list