[jboss-jira] [JBoss JIRA] (WFCORE-1028) Poor handling of invalid roles

ehsavoie Hugonnet (JIRA) issues at jboss.org
Fri Dec 18 07:20:00 EST 2015 

     [ https://issues.jboss.org/browse/WFCORE-1028?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

ehsavoie Hugonnet reassigned WFCORE-1028:
-----------------------------------------

    Assignee: ehsavoie Hugonnet


> Poor handling of invalid roles
> ------------------------------
>
>                 Key: WFCORE-1028
>                 URL: https://issues.jboss.org/browse/WFCORE-1028
>             Project: WildFly Core
>          Issue Type: Bug
>          Components: Domain Management
>    Affects Versions: 2.0.0.CR5
>            Reporter: Brian Stansberry
>            Assignee: ehsavoie Hugonnet
>             Fix For: 3.0.0.Alpha1
>
>
> A CLI request with an invalid value in the "roles" header results in improper behavior:
> {code}
> [domain at localhost:9990 /] /host=*:read-resource{roles=slave-monitor}
> {
>     "outcome" => "failed",
>     "result" => [],
>     "rolled-back" => true
> }
> {code}
> The op should fail because the role doesn't exist, but there is no failure-description.
> The following is dumped in the HC log:
> {code}
> [Host Controller] 12:22:12,314 ERROR [org.jboss.as.controller.management-operation] (management-handler-thread - 3) WFLYCTL0013: Operation ("resolve") failed - address: ([]): java.lang.IllegalArgumentException: WFLYCTL0327: Unknown role 'slave-monitor'
> [Host Controller] 	at org.jboss.as.controller.access.rbac.StandardRoleMapper.canRunAs(StandardRoleMapper.java:95)
> [Host Controller] 	at org.jboss.as.controller.access.rbac.RunAsRoleMapper.mapRoles(RunAsRoleMapper.java:143)
> [Host Controller] 	at org.jboss.as.controller.access.rbac.RunAsRoleMapper.mapRoles(RunAsRoleMapper.java:71)
> [Host Controller] 	at org.jboss.as.controller.access.rbac.DefaultPermissionFactory.getUserPermissions(DefaultPermissionFactory.java:109)
> [Host Controller] 	at org.jboss.as.controller.access.permission.ManagementPermissionAuthorizer.authorize(ManagementPermissionAuthorizer.java:91)
> [Host Controller] 	at org.jboss.as.controller.access.management.DelegatingConfigurableAuthorizer.authorize(DelegatingConfigurableAuthorizer.java:99)
> [Host Controller] 	at org.jboss.as.controller.OperationContextImpl.getBasicAuthorizationResponse(OperationContextImpl.java:1753)
> [Host Controller] 	at org.jboss.as.controller.OperationContextImpl.authorize(OperationContextImpl.java:1651)
> [Host Controller] 	at org.jboss.as.controller.OperationContextImpl.readResourceFromRoot(OperationContextImpl.java:833)
> [Host Controller] 	at org.jboss.as.controller.OperationContextImpl.readResource(OperationContextImpl.java:818)
> [Host Controller] 	at org.jboss.as.controller.operations.global.GlobalOperationHandlers$ModelAddressResolver.execute(GlobalOperationHandlers.java:402)
> [Host Controller] 	at org.jboss.as.controller.operations.global.GlobalOperationHandlers$ModelAddressResolver.execute(GlobalOperationHandlers.java:306)
> [Host Controller] 	at org.jboss.as.controller.AbstractOperationContext.executeStep(AbstractOperationContext.java:890)
> [Host Controller] 	at org.jboss.as.controller.AbstractOperationContext.processStages(AbstractOperationContext.java:659)
> [Host Controller] 	at org.jboss.as.controller.AbstractOperationContext.executeOperation(AbstractOperationContext.java:370)
> [Host Controller] 	at org.jboss.as.controller.OperationContextImpl.executeOperation(OperationContextImpl.java:1336)
> [Host Controller] 	at org.jboss.as.controller.ModelControllerImpl.internalExecute(ModelControllerImpl.java:391)
> [Host Controller] 	at org.jboss.as.controller.ModelControllerImpl.execute(ModelControllerImpl.java:217)
> [Host Controller] 	at org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler.doExecute(ModelControllerClientOperationHandler.java:207)
> [Host Controller] 	at org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler.access$300(ModelControllerClientOperationHandler.java:129)
> [Host Controller] 	at org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler$1$1.run(ModelControllerClientOperationHandler.java:151)
> [Host Controller] 	at org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler$1$1.run(ModelControllerClientOperationHandler.java:147)
> [Host Controller] 	at java.security.AccessController.doPrivileged(Native Method)
> [Host Controller] 	at javax.security.auth.Subject.doAs(Subject.java:422)
> [Host Controller] 	at org.jboss.as.controller.AccessAuditContext.doAs(AccessAuditContext.java:92)
> [Host Controller] 	at org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler$1.execute(ModelControllerClientOperationHandler.java:147)
> [Host Controller] 	at org.jboss.as.protocol.mgmt.AbstractMessageHandler$2$1.doExecute(AbstractMessageHandler.java:299)
> [Host Controller] 	at org.jboss.as.protocol.mgmt.AbstractMessageHandler$AsyncTaskRunner.run(AbstractMessageHandler.java:519)
> [Host Controller] 	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
> [Host Controller] 	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
> [Host Controller] 	at java.lang.Thread.run(Thread.java:745)
> [Host Controller] 	at org.jboss.threads.JBossThread.run(JBossThread.java:320)
> {code}



--
This message was sent by Atlassian JIRA
(v6.4.11#64026)

More information about the jboss-jira mailing list