[jboss-jira] [JBoss JIRA] (WFCORE-2503) Legacy security domain used as Elytron security realm does not work in authorization part of aggregate-realm
Kabir Khan (JIRA)
issues at jboss.org
Tue Apr 3 13:50:01 EDT 2018
[ https://issues.jboss.org/browse/WFCORE-2503?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Kabir Khan closed WFCORE-2503.
------------------------------
> Legacy security domain used as Elytron security realm does not work in authorization part of aggregate-realm
> ------------------------------------------------------------------------------------------------------------
>
> Key: WFCORE-2503
> URL: https://issues.jboss.org/browse/WFCORE-2503
> Project: WildFly Core
> Issue Type: Bug
> Components: Security
> Reporter: Ondrej Lukas
> Assignee: Darran Lofthouse
> Priority: Critical
> Attachments: print-roles.war
>
>
> In case when legacy security domain is used as Elytron security realm and is added as authorization realm to aggregate-realm then no roles are assigned to authenticated user.
> I tried to use following legacy security domain:
> {code}
> <security-domain name="legacyDomain" cache-type="default">
> <authentication>
> <login-module code="UsersRoles" flag="required">
> <module-option name="usersProperties" value="/tmp/users.properties"/>
> <module-option name="rolesProperties" value="/tmp/roles.properties"/>
> </login-module>
> </authentication>
> <mapping>
> <mapping-module code="SimpleRoles" type="role">
> <module-option name="admin" value="User"/>
> </mapping-module>
> </mapping>
> </security-domain>
> {code}
> Roles should be assigned from mapping. Since it seems that there is no documentation related to this topic I am not sure whether roles should be assigned also from rolesProperties of UsersRoles login module - it needs to be clarified by developers.
--
This message was sent by Atlassian JIRA
(v7.5.0#75005)
More information about the jboss-jira
mailing list