[jboss-jira] [JBoss JIRA] (WFLY-9914) Server reload breaks security context
Darran Lofthouse (JIRA)
issues at jboss.org
Tue Jul 31 07:33:06 EDT 2018
[ https://issues.jboss.org/browse/WFLY-9914?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Darran Lofthouse reassigned WFLY-9914:
--------------------------------------
Assignee: (was: Darran Lofthouse)
> Server reload breaks security context
> -------------------------------------
>
> Key: WFLY-9914
> URL: https://issues.jboss.org/browse/WFLY-9914
> Project: WildFly
> Issue Type: Bug
> Components: Security
> Affects Versions: 11.0.0.Final
> Environment: Ubuntu 16.04 LTS, Oracle JDK 1.8.0_161
> Reporter: Harald Wellmann
>
> h3. Summary
> A minimal example webapp using Soteria and DeltaSpike Security works as expected when first deployed to WildFly.
> After issuing a {{reload}} command via {{jboss-cli.sh}}, the application no longer works, since no groups are associated to the caller principal.
> The problem no longer occurs after a server shutdown and restart.
> h3. Details
> {noformat}
> # Start server
> $ ${JBOSS_HOME}/bin/standalone.sh
> # Build and deploy demo
> $ git clone https://github.com/hwellmann/security-demo.git
> $ cd security-demo
> $ mvn deploy
> # Request protected resource
> $ curl -u operator:secret http://localhost:8080/api/version
> {"version":1}
> # Reload server
> $ ${JBOSS_HOME}/bin/jboss-cli.sh -c --command=:reload
> # Issue same request, access denied
> $ curl -u operator:secret http://localhost:8080/api/version
> {"message":"requested access to the resource is denied"}
> {noformat}
--
This message was sent by Atlassian JIRA
(v7.5.0#75005)
More information about the jboss-jira
mailing list