[jboss-jira] [JBoss JIRA] (WFCORE-1964) Internal ModelControllerClient should bypass access control by default

Brian Stansberry (JIRA) issues at jboss.org
Tue Nov 8 15:52:00 EST 2016 

    [ https://issues.jboss.org/browse/WFCORE-1964?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13319114#comment-13319114 ] 

Brian Stansberry commented on WFCORE-1964:
------------------------------------------

The client is obtained via service injection of a ModelController and then invoking its ModelControllerClient createClient(Executor executor) method. The ModelController interface is only implemented by us so we are via to add other methods to it, e.g. a createClient variant that somehow specifies that some sort of inflow should happen when that client is used.

The default behavior should be as it was in WF 10 or earlier; calls end up with SUPERUSER-like powers.

Just an FYI: I may want to refactor the ModelController interface a bit, to separate the createClient API from the "execute" API. There are two different kinds of users for those methods and it would be better if the createClient callers didn't see the "execute" methods. The createClient stuff would then be available via a capability. The "execute" stuff is purely internal to the kernel, so no capability-based access.

> Internal ModelControllerClient should bypass access control by default
> ----------------------------------------------------------------------
>
>                 Key: WFCORE-1964
>                 URL: https://issues.jboss.org/browse/WFCORE-1964
>             Project: WildFly Core
>          Issue Type: Task
>          Components: Domain Management, Security
>            Reporter: Darran Lofthouse
>            Assignee: Darran Lofthouse
>            Priority: Blocker
>             Fix For: 3.0.0.Alpha12
>
>
> This is continuing compatibility where in-vm clients can perform actions without triggering management access control.
> It would be nice also if we could find a way to make it possible to selectively disable this for cases where we want identity propagation between applications and the management tier.



--
This message was sent by Atlassian JIRA
(v7.2.3#72005)

More information about the jboss-jira mailing list