[jboss-jira] [JBoss JIRA] (WFCORE-3677) get-provider-points return /profile addresses for host level resources

Claudio Miranda (JIRA) issues at jboss.org
Thu Mar 8 17:00:00 EST 2018 

Claudio Miranda created WFCORE-3677:
---------------------------------------

             Summary: get-provider-points return /profile addresses for host level resources
                 Key: WFCORE-3677
                 URL: https://issues.jboss.org/browse/WFCORE-3677
             Project: WildFly Core
          Issue Type: Enhancement
          Components: Security
            Reporter: Claudio Miranda
            Assignee: Darran Lofthouse
            Priority: Minor


key-manager resource at /host=master/subsystem=elytron/key-manager=*
contains the "key-store" attribute, which has a "capability-reference" => "org.wildfly.security.key-store"

get-provider-points returns /profile addresses that should not be a valid reference for a host level resource
{code}
/host=master/core-service=capability-registry:get-provider-points(name="org.wildfly.security.key-store")
{
    "outcome" => "success",
    "result" => [
        "/host=master/subsystem=elytron/key-store=*",
        "/host=master/subsystem=elytron/ldap-key-store=*",
        "/host=master/subsystem=elytron/filtering-key-store=*",
        "/profile=*/subsystem=elytron/key-store=*",
        "/profile=*/subsystem=elytron/ldap-key-store=*",
        "/profile=*/subsystem=elytron/filtering-key-store=*",
        "/profile=*/subsystem=security/elytron-key-store=*",
        "/profile=*/subsystem=security/elytron-trust-store=*"
    ]
}
{code}

A test case
{code}
/profile=full/subsystem=elytron/key-store=ks_full:add(credential-reference={clear-text=senha},type=JKS)

/host=master/subsystem=elytron/key-manager=my_km:add(key-store=ks_full,credential-reference={clear-text=senha})
{
    "outcome" => "failed",
    "result" => {},
    "failure-description" => {"host-failure-descriptions" => {"master" => "WFLYCTL0369: Required capabilities are not available:
    org.wildfly.security.key-store.ks_full in context 'host'; Possible registration points for this capability: 
                /host=master/subsystem=elytron/key-store=*
                /host=master/subsystem=elytron/ldap-key-store=*
                /host=master/subsystem=elytron/filtering-key-store=*
                /profile=*/subsystem=elytron/key-store=*
                /profile=*/subsystem=elytron/ldap-key-store=*
                /profile=*/subsystem=elytron/filtering-key-store=*
                /profile=*/subsystem=security/elytron-key-store=*
                /profile=*/subsystem=security/elytron-trust-store=*"}},
    "rolled-back" => true
}

{code}

The returned addresses in the error message should contains only valid addresses.

side note: CLI code completion works correctly in not showing resources from /profile addresses.
/host=master/subsystem=elytron/key-manager=my_km:add(key-store=<tab>



--
This message was sent by Atlassian JIRA
(v7.5.0#75005)

More information about the jboss-jira mailing list