[jboss-jira] [JBoss JIRA] (WFCORE-3839) Cannot read-identity of filesystem-realm if change level attribute later

Claudio Miranda (JIRA) issues at jboss.org
Mon May 14 16:32:00 EDT 2018 

    [ https://issues.jboss.org/browse/WFCORE-3839?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13576143#comment-13576143 ] 

Claudio Miranda commented on WFCORE-3839:
-----------------------------------------

> Does this prevent changing attribute manually in standalone.xml? 

No.

> Do we have such creation only attributes in model now?

There are other attributes that are set on create time only, for example:
/profile=full-ha/subsystem=messaging-activemq/server=default/queue=*


> Cannot read-identity of filesystem-realm if change level attribute later
> ------------------------------------------------------------------------
>
>                 Key: WFCORE-3839
>                 URL: https://issues.jboss.org/browse/WFCORE-3839
>             Project: WildFly Core
>          Issue Type: Bug
>          Components: Security
>            Reporter: Claudio Miranda
>            Assignee: Darran Lofthouse
>
> Add filesystem-realm, add a identity, then change the levels to 3, the previously added identity cannot be recovered anymore. This is due to the directory structure previously created. Perhaps, the levels attribute should be set at creation time only ?
> {code}
> [standalone at localhost:9990 /] /subsystem=elytron/filesystem-realm=file_realm1:add(path=file_realm)
> {"outcome" => "success"}
> [standalone at localhost:9990 /] /subsystem=elytron/filesystem-realm=file_realm1:add-identity(identity=user1)
> {"outcome" => "success"}
> [standalone at localhost:9990 /] /subsystem=elytron/filesystem-realm=file_realm1:read-identity(identity=user1)
> {
>     "outcome" => "success",
>     "result" => {
>         "name" => "user1",
>         "attributes" => undefined
>     }
> }
> [standalone at localhost:9990 /] /subsystem=elytron/filesystem-realm=file_realm1:write-attribute(name=levels,value=3)
> {
>     "outcome" => "success",
>     "response-headers" => {
>         "operation-requires-reload" => true,
>         "process-state" => "reload-required"
>     }
> }
> [standalone at localhost:9990 /] reload
> [standalone at localhost:9990 /] /subsystem=elytron/filesystem-realm=file_realm1:read-identity(identity=user1)
> {
>     "outcome" => "failed",
>     "failure-description" => "WFLYELY01002: Identity with name [user1] not found.",
>     "rolled-back" => true
> }
> {code}



--
This message was sent by Atlassian JIRA
(v7.5.0#75005)

More information about the jboss-jira mailing list