[jboss-jira] [JBoss JIRA] (WFCORE-3421) Incorrect usage of requires for defining the relationship between outflow-anonymous and outflow-security-domains

Darran Lofthouse (JIRA) issues at jboss.org
Thu Nov 16 08:16:00 EST 2017 

    [ https://issues.jboss.org/browse/WFCORE-3421?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13490826#comment-13490826 ] 

Darran Lofthouse commented on WFCORE-3421:
------------------------------------------

[~mchoma] Please don't delete my comments.

I don't want to identify where we have attributes that have a default and a requires specified.

I want to identify cases where these two are specified and the error reported by the management tier is actually valid.

i.e. Where an attribute has a default defined then a subsystem can always correctly function using that value without the required attribute being set.  How does explicitly setting an attribute to it's default value made the required attribute required.

We have a proposal to add custom validation code to eliminate an error message that for me at the moment makes no sense - I would like to know if there are examples this error being reported is actually valid.


> Incorrect usage of requires for defining the relationship between outflow-anonymous and outflow-security-domains
> ----------------------------------------------------------------------------------------------------------------
>
>                 Key: WFCORE-3421
>                 URL: https://issues.jboss.org/browse/WFCORE-3421
>             Project: WildFly Core
>          Issue Type: Bug
>          Components: Security
>    Affects Versions: 4.0.0.Alpha2
>            Reporter: ehsavoie Hugonnet
>
> If outflow-anonymous is set to false then there is no need for outflow-security-domains as the default configuration shows clearly.
> So 
> {noformat}
> /subsystem=elytron/security-domain=ApplicationDomain:add(default-realm=ApplicationRealm,outflow-anonymous=false,realms=[{realm=ApplicationRealm,role-decoder=groups-to-roles}])
> {noformat}
> should work like 
> {noformat}
> /subsystem=elytron/security-domain=ApplicationDomain:add(default-realm=ApplicationRealm,realms=[{realm=ApplicationRealm,role-decoder=groups-to-roles}])
> {noformat}
> A custom validation code is required instead of relying on the setRequires of SimpleAttributeDefinition



--
This message was sent by Atlassian JIRA
(v7.5.0#75005)

More information about the jboss-jira mailing list