[jboss-jira] [JBoss JIRA] (WFLY-7071) Changing default-realm of Elytron security-domain through CLI can put the server configuration to wrong state

Kabir Khan (JIRA) issues at jboss.org
Wed Dec 6 12:27:21 EST 2017 

     [ https://issues.jboss.org/browse/WFLY-7071?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Kabir Khan updated WFLY-7071:
-----------------------------
    Fix Version/s: 11.0.0.Final


I am bulk closing old issues that were resolved with no fix version. There are quite many of these so I am not checking the history properly. From the lastModified date of this issue it looks like it was done for 11.0.0.Final (I am not caring about alpha/beta etc. for this exercise). If that is incorrect please adjust as needed.

> Changing default-realm of Elytron security-domain through CLI can put the server configuration to wrong state
> -------------------------------------------------------------------------------------------------------------
>
>                 Key: WFLY-7071
>                 URL: https://issues.jboss.org/browse/WFLY-7071
>             Project: WildFly
>          Issue Type: Bug
>          Components: Security
>            Reporter: Ondrej Lukas
>            Assignee: Jan Kalina
>             Fix For: 11.0.0.Final
>
>
> Values of write-attribute operation for default-realm of Elytron security-domain are not checked. It means that CLI allows users to set application server to wrong state. The same happens if realm, which is considered as default-realm, is removed from used security-domain realms. CLI should deny write attribute operation with wrong value (in the same way as it works for another security-domain attributes).
> After reload, server is not started and following logs occur in console:
> {code}
> ERROR [org.jboss.as.controller.management-operation] (ServerService Thread Pool -- 25) WFLYCTL0013: Operation ("add") failed - address: ([
>     ("subsystem" => "elytron"),
>     ("security-domain" => "ApplicationDomain")
> ]) - failure description: "WFLYELY00013: The default_realm 'WrongRealm' is not in the list or realms referenced by this domain."
> ERROR [org.jboss.as.controller.management-operation] (Controller Boot Thread) "WFLYCTL0193: Failed executing subsystem elytron boot operations"
> ERROR [org.jboss.as.controller.management-operation] (Controller Boot Thread) WFLYCTL0013: Operation ("parallel-subsystem-boot") failed - address: ([]) - failure description: "\"WFLYCTL0193: Failed executing subsystem elytron boot operations\""
> FATAL [org.jboss.as.server] (Controller Boot Thread) WFLYSRV0056: Server boot has failed in an unrecoverable manner; exiting. See previous messages for details.
> {code}



--
This message was sent by Atlassian JIRA
(v7.5.0#75005)

More information about the jboss-jira mailing list