[jboss-jira] [JBoss JIRA] (WFCORE-2362) Regression: Legacy LDAP security-realm reads system-property only during boot
Ondrej Lukas (JIRA)
issues at jboss.org
Tue Mar 7 02:09:00 EST 2017
[ https://issues.jboss.org/browse/WFCORE-2362?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Ondrej Lukas updated WFCORE-2362:
---------------------------------
Description:
In legacy LDAP security-realm, {{org.jboss.as.domain.management.security.parseGroupNameFromLdapDN}} system property is used for decision between parsing role from DN (for property=true) or LDAP role search (otherwise). LDAP security-realm was able to read this property dynamically from server configuration. Currently it seems that LDAP security-realm reads this property only during server boot. This means that if this property is set through system-property resource in application server then reload of server is needed to start this feature.
This issue does not affects scenarios, where system property is set in standalone.conf.
was:
In legacy LDAP security-realm, {{org.jboss.as.domain.management.security.parseGroupNameFromLdapDN}} system property is used for decision between parsing role from DN (for property=true) or LDAP role search (otherwise). LDAP security-realm was able to read this property dynamically from server configuration. Since EAP 7.1.0.DR12 it seems that LDAP security-realm reads this property only during server boot. This means that if this property is set through system-property resource in application server then reload of server is needed to start this feature.
This issue does not affects scenarios, where system property is set in standalone.conf.
We request blocker flag due to regression.
> Regression: Legacy LDAP security-realm reads system-property only during boot
> -----------------------------------------------------------------------------
>
> Key: WFCORE-2362
> URL: https://issues.jboss.org/browse/WFCORE-2362
> Project: WildFly Core
> Issue Type: Bug
> Components: Security
> Reporter: Ondrej Lukas
> Assignee: Darran Lofthouse
> Priority: Blocker
> Attachments: print-roles.war
>
>
> In legacy LDAP security-realm, {{org.jboss.as.domain.management.security.parseGroupNameFromLdapDN}} system property is used for decision between parsing role from DN (for property=true) or LDAP role search (otherwise). LDAP security-realm was able to read this property dynamically from server configuration. Currently it seems that LDAP security-realm reads this property only during server boot. This means that if this property is set through system-property resource in application server then reload of server is needed to start this feature.
> This issue does not affects scenarios, where system property is set in standalone.conf.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
More information about the jboss-jira
mailing list