[jboss-jira] [JBoss JIRA] (WFLY-9914) Server reload breaks security context
Teresa Miyar (Jira)
issues at jboss.org
Wed Nov 7 11:11:00 EST 2018
[ https://issues.jboss.org/browse/WFLY-9914?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Teresa Miyar resolved WFLY-9914.
--------------------------------
Release Notes Text: It cannot be reproduced in newer versions, resolving as outdated.
Resolution: Out of Date
> Server reload breaks security context
> -------------------------------------
>
> Key: WFLY-9914
> URL: https://issues.jboss.org/browse/WFLY-9914
> Project: WildFly
> Issue Type: Bug
> Components: Security
> Affects Versions: 11.0.0.Final
> Environment: Ubuntu 16.04 LTS, Oracle JDK 1.8.0_161
> Reporter: Harald Wellmann
> Assignee: Teresa Miyar
> Priority: Major
>
> h3. Summary
> A minimal example webapp using Soteria and DeltaSpike Security works as expected when first deployed to WildFly.
> After issuing a {{reload}} command via {{jboss-cli.sh}}, the application no longer works, since no groups are associated to the caller principal.
> The problem no longer occurs after a server shutdown and restart.
> h3. Details
> {noformat}
> # Start server
> $ ${JBOSS_HOME}/bin/standalone.sh
> # Build and deploy demo
> $ git clone https://github.com/hwellmann/security-demo.git
> $ cd security-demo
> $ mvn deploy
> # Request protected resource
> $ curl -u operator:secret http://localhost:8080/api/version
> {"version":1}
> # Reload server
> $ ${JBOSS_HOME}/bin/jboss-cli.sh -c --command=:reload
> # Issue same request, access denied
> $ curl -u operator:secret http://localhost:8080/api/version
> {"message":"requested access to the resource is denied"}
> {noformat}
--
This message was sent by Atlassian Jira
(v7.12.1#712002)
More information about the jboss-jira
mailing list