[jboss-jira] [JBoss JIRA] (WFLY-2738) Deprecated resource is present in r-r-d of /subsystem=security/security-domain=*
Brian Stansberry (JIRA)
issues at jboss.org
Wed Jul 23 11:43:30 EDT 2014
[ https://issues.jboss.org/browse/WFLY-2738?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12987451#comment-12987451 ]
Brian Stansberry commented on WFLY-2738:
----------------------------------------
Good question. That seems to be the heart of this JIRA. It seems the code actually works as expected and this a request for a behavior change and not really a bug.
The problem is the child registration at the *complete path element* login-module=* is an alias. But there's nothing that says the *child type login-module alone* is an alias. It's a valid child-type.
It's not the case in this particular security subsystem example, but it's perfectly possible that one complete path element for a given type is an alias while another is not.
If practical we could change the behavior to examine all the children registration of a given type and not report the type at all if all of them are aliases.
*However* if we change the behavior, we also must change read-children-types to have a matching semantic.
{code}
[standalone at localhost:9990 /] /subsystem=security/security-domain=other/acl=classic:read-children-types
{
"outcome" => "success",
"result" => [
"acl-module",
"login-module"
]
}
{code}
We would need to add an include-aliases param, default value of false to match r-r-d, and then not include the child-type in the result if r-r-d wouldn't include it.
I'm ok with making that change, but it is a breaking change, and it's likely quite a bit more work than I expected. So before doing that, please chat with Harald or Heiko to get a sense about how important this is to them.
> Deprecated resource is present in r-r-d of /subsystem=security/security-domain=*
> --------------------------------------------------------------------------------
>
> Key: WFLY-2738
> URL: https://issues.jboss.org/browse/WFLY-2738
> Project: WildFly
> Issue Type: Bug
> Security Level: Public(Everyone can see)
> Components: Domain Management
> Affects Versions: 8.0.0.CR1
> Reporter: Harald Pehl
> Assignee: Emmanuel Hugonnet
> Priority: Minor
> Fix For: 9.0.0.CR1
>
>
> When executing
> {code}
> /subsystem=security/security-domain=*:read-resource-description(recursive-depth=2)
> {code}
> the acl subresource contains both the deprecated child-resource {{login-module}} and the new one called {{acl-module}}:
> {code}
> ...
> "acl" => {
> "description" => "Access control list configuration. Configures a list of ACL modules to be used.",
> "model-description" => {"classic" => {
> "description" => "Access control list configuration. Configures a list of ACL modules to be used.",
> ...
> "operations" => undefined,
> "children" => {
> "acl-module" => {
> "description" => "ACL module",
> "model-description" => {"*" => {
> "description" => "List of authentication modules",
> ...
> "operations" => undefined,
> "children" => {}
> }}
> },
> "login-module" => {
> "description" => "Login module",
> "model-description" => {"*" => undefined}
> }
> }
> }}
> },
> ...
> {code}
> However the deprecated subresource {{login-modules}} should only appear if setting {{include-aliases=true}}
--
This message was sent by Atlassian JIRA
(v6.2.6#6264)
More information about the jboss-jira
mailing list