[jboss-jira] [JBoss JIRA] (WFCORE-2820) Elytron, changing security-domain/mechanism-configurations of http-authentication-factory ends in reload-required state

Martin Choma (JIRA) issues at jboss.org
Wed May 17 08:33:00 EDT 2017 

Martin Choma created WFCORE-2820:
------------------------------------

             Summary: Elytron, changing security-domain/mechanism-configurations of http-authentication-factory ends in reload-required state
                 Key: WFCORE-2820
                 URL: https://issues.jboss.org/browse/WFCORE-2820
             Project: WildFly Core
          Issue Type: Bug
          Components: Security
            Reporter: Martin Choma
            Assignee: Darran Lofthouse


Changing attributes {{security-domain}} and {{mechanism-configurations}}  of http-authentication-factory does not apply immediatelly even though header allow-resource-service-restart=true is used

{code}
[standalone at localhost:9990 /] /subsystem=elytron/http-authentication-factory=application-http-authentication:write-attribute(name=security-domain,value=ApplicationDomain){allow-resource-service-restart=true}
{
    "outcome" => "failed",
    "failure-description" => "WFLYCTL0158: Operation handler failed: java.lang.UnsupportedOperationException",
    "rolled-back" => true
}

[standalone at localhost:9990 /] /subsystem=elytron/http-authentication-factory=application-http-authentication:write-attribute(name=mechanism-configurations[0].host-name,value=localhost){allow-resource-service-restart=true}
{
    "outcome" => "success",
    "response-headers" => {
        "operation-requires-reload" => true,
        "process-state" => "reload-required"
    }
}
{code}

Header should work as attributes are declared as {{"restart-required" => "resource-services"}}
{code}
"security-domain" => {
    "type" => STRING,
    "description" => "The SecurityDomain to associate with this resource",
    "expressions-allowed" => false,
    "required" => true,
    "nillable" => false,
    "capability-reference" => "org.wildfly.security.security-domain",
    "min-length" => 1L,
    "max-length" => 2147483647L,
    "access-type" => "read-write",
    "storage" => "configuration",
    "restart-required" => "resource-services"
}
{code}

And according to documentation [1]:

resource-services – The operation can only immediately update the persistent configuration; applying the operation to the runtime will require a subsequent restart of some services associated with the resource. If the operation includes the request header "allow-resource-service-restart" => true, the handler for the operation will go ahead and restart the runtime service. Otherwise executing the operation will put the server into a "reload-required" state. (See the discussion of "all-services" above for more on the "reload-required" state.)

[1] https://docs.jboss.org/author/display/WFLY10/Description+of+the+Management+Model

Make allow-resource-service-restart=true work or if it is not achievable redefine restart-required model metadata appropriately, e.g. "all-services"



--
This message was sent by Atlassian JIRA
(v7.2.3#72005)

More information about the jboss-jira mailing list