[jboss-jira] [JBoss JIRA] (WFLY-5012) Resource alias operation inconsistencies

Heiko Braun (JIRA) issues at jboss.org
Mon Jul 27 09:58:03 EDT 2015 

    [ https://issues.jboss.org/browse/WFLY-5012?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13093088#comment-13093088 ] 

Heiko Braun edited comment on WFLY-5012 at 7/27/15 9:57 AM:
------------------------------------------------------------

A solution would be the response to contain the address of the requested resource. In our example the response address would then be :

{noformat}
/profile=full/subsystem=infinispan/cache-container=*/invalidation-cache=*/eviction=EVICTION:read-resource-description

returns

"address" => [
            ("profile" => "full"),
            ("subsystem" => "infinispan"),
            ("cache-container" => "*"),
            ("invalidation-cache" => "*"),
            ("eviction" => "EVICTION")
        ],
{noformat}


was (Author: heiko.braun):
A solution would be the response to contain the address of the requested resource. In our example the response address would then be :

{noformat}
"address" => [
            ("profile" => "full"),
            ("subsystem" => "infinispan"),
            ("cache-container" => "*"),
            ("invalidation-cache" => "*"),
            ("eviction" => "EVICTION")
        ],
{noformat}

> Resource alias operation inconsistencies
> ----------------------------------------
>
>                 Key: WFLY-5012
>                 URL: https://issues.jboss.org/browse/WFLY-5012
>             Project: WildFly
>          Issue Type: Bug
>          Components: Domain Management
>            Reporter: Heiko Braun
>            Assignee: Kabir Khan
>            Priority: Blocker
>             Fix For: 10.0.0.Beta1
>
>
> Formlery we could request the ../eviction=EVICTION resource. I assume that with the resource name change a transformer kicks that redirects the request to the ../component" => "eviction resource. The response header however contains the wrong address, which prevents clients to correlate the request with the response. 
> *In HAL this breaks the access control mechanism.*
> {noformat}
> [domain at localhost:9990 /] /profile=full/subsystem=infinispan/cache-container=*/invalidation-cache=*/eviction=EVICTION:read-resource-description
> {
>     "outcome" => "success",
>     "result" => [{
>         "address" => [
>             ("profile" => "full"),
>             ("subsystem" => "infinispan"),
>             ("cache-container" => "*"),
>             ("invalidation-cache" => "*"),
>             ("component" => "eviction")
>         ],
>         "outcome" => "success",
>  [...]
> {noformat}



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

More information about the jboss-jira mailing list