[jboss-jira] [JBoss JIRA] (WFCORE-2614) Elytron SecurityRealm included more times in a SecurityDomain breaks the domain service

Darran Lofthouse (JIRA) issues at jboss.org
Mon Apr 3 08:15:00 EDT 2017 

    [ https://issues.jboss.org/browse/WFCORE-2614?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13387834#comment-13387834 ] 

Darran Lofthouse commented on WFCORE-2614:
------------------------------------------

Discussed with Brian, we do need to add an additional step to verify no duplicates to allow for composite operations.

Additionally we previously added support to verify the default realm is within the list of referenced realms, this should also be in an additional step so both can be added to a dedicated op at the end of Stage.MODEL and verified together.

> Elytron SecurityRealm included more times in a SecurityDomain breaks the domain service
> ---------------------------------------------------------------------------------------
>
>                 Key: WFCORE-2614
>                 URL: https://issues.jboss.org/browse/WFCORE-2614
>             Project: WildFly Core
>          Issue Type: Bug
>          Components: Security
>    Affects Versions: 3.0.0.Beta12
>            Reporter: Darran Lofthouse
>            Assignee: Darran Lofthouse
>            Priority: Critical
>              Labels: eap71_beta, management-model, security-domain
>             Fix For: 3.0.0.Beta13
>
>
> Elytron subsystem allows to add the same realm more times into a single security domain. Nevertheless in such case domain stops to work with following error message:
> {noformat}
> 16:14:17,411 ERROR [org.jboss.as.controller.management-operation] (ServerService Thread Pool -- 54) WFLYCTL0013: Operation ("add") failed - address: ([
>     ("subsystem" => "elytron"),
>     ("security-domain" => "ManagementDomain")
> ]) - failure description: "WFLYELY00002: Can not inject the same realm 'local' in a single security domain."
> {noformat}
> If such the changed domain is ManagementDomain, then the server stops to start at all.
> *Suggested fix*
> * either allow to have the same realm in a security domain more times
> * or check for duplicate realms already when adding/changing the domain



--
This message was sent by Atlassian JIRA
(v7.2.3#72005)

More information about the jboss-jira mailing list