[jboss-jira] [JBoss JIRA] (WFCORE-2003) replacement expression in access-control
Darran Lofthouse (JIRA)
issues at jboss.org
Thu Nov 17 05:46:00 EST 2016
[ https://issues.jboss.org/browse/WFCORE-2003?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13324160#comment-13324160 ]
Darran Lofthouse commented on WFCORE-2003:
------------------------------------------
I would suggest holding off until after WildFly Elytron is integrated, WildFly Elytron is adding a lot more flexibility regarding mapping information obtained from the identity store.
> replacement expression in access-control
> ----------------------------------------
>
> Key: WFCORE-2003
> URL: https://issues.jboss.org/browse/WFCORE-2003
> Project: WildFly Core
> Issue Type: Feature Request
> Components: Domain Management
> Affects Versions: 2.1.0.Final
> Environment: EAP7.0.3
> Reporter: Hisanobu Okuda
> Assignee: Brian Stansberry
>
> Our customer wants to use replacement expression in `<access-control/>`:
> {code}
> ${env.VARNAME} for environemt vars
> ${VARNAME} for system properties
> ${VAULT::BLOCK::attribute::1} for vars stored inside jboss vault
> {code}
> Example:
> while adding group in for any role like (SuperUser) .
> {code}
> /core-service=management/access=authorization/role-mapping=SuperUser/include="group_admin":add(name="${ldap_admin_grp}", type=GROUP)
> {code}
> resulting :
> {code}
> <role name="SuperUser">
> <include>
> <user name="$local"/>
> <group alias="group_admin" name="${ldap_admin_grp}"/>
> </include>
> </role>
> {code}
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
More information about the jboss-jira
mailing list