[jboss-jira] [JBoss JIRA] (WFLY-10861) MP Health - security enabled, no user yed added, user get info about adding user to access management interface, HTTP code is 200, should be 500

Darran Lofthouse (JIRA) issues at jboss.org
Fri Aug 24 08:01:00 EDT 2018 

    [ https://issues.jboss.org/browse/WFLY-10861?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13623765#comment-13623765 ] 

Darran Lofthouse commented on WFLY-10861:
-----------------------------------------

FYI both examples use WildFly Elytron, PicketBox is not in use at all for the security of the management interfaces.

A server restart is not required when referencing the Elytron subsystem configuration directly, the load operation can be invoked on the properties-realm resource: -

{noformat}
[standalone at localhost:9990 /] ./subsystem=elytron/properties-realm=ApplicationRealm:read-operation-description(name=load)
{
    "outcome" => "success",
    "result" => {
        "operation-name" => "load",
        "description" => "Reload the properties files from the file system.",
        "request-properties" => {},
        "reply-properties" => {},
        "read-only" => false,
        "runtime-only" => true
    }
}
{noformat}

> MP Health - security enabled, no user yed added, user get info about adding user to access management interface, HTTP code is 200, should be 500
> ------------------------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: WFLY-10861
>                 URL: https://issues.jboss.org/browse/WFLY-10861
>             Project: WildFly
>          Issue Type: Bug
>          Components: Management, MP Health
>            Reporter: Rostislav Svoboda
>            Assignee: Kabir Khan
>            Priority: Blocker
>             Fix For: 14.0.0.CR1
>
>
> I do {{:write-attribute(name=security-enabled, value=true)}} ++ reload of the server
> Note: I didn't add user via {{bin/add-user.sh}}
> ----
> Kabir edit: the full command is: 
> /subsystem=microprofile-health-smallrye:write-attribute(name=security-enabled,value=true)
> ----
> When I'm trying to access http://127.0.0.1:9990/health I receive page which is there primarily for web console:
> {code}
> <h3>Your WildFly Application Server is running.</h3>
> <p>However you have <strong>not</strong> yet <strong>added any users</strong> to be able
>  to access the admin console.</p>
> <p>To add a new user execute the <code>add-user.sh</code> script within the bin folder of
>  your WildFly installation and enter the requested information.</p>
> {code}
> Can /health endpoint get customized response in case no mgmt user is defined on server side ?
> Current response can be little confusing if user is not yet so familiar with WildFly.
> -I marked this as minor bug.- ... see comments



--
This message was sent by Atlassian JIRA
(v7.5.0#75005)

More information about the jboss-jira mailing list