[jboss-jira] [JBoss JIRA] (WFCORE-4551) Cannot add Elytron jdbc-realm using embedded server in admin mode

Brian Stansberry (Jira) issues at jboss.org
Wed Jun 26 13:48:00 EDT 2019 

     [ https://issues.jboss.org/browse/WFCORE-4551?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Brian Stansberry updated WFCORE-4551:
-------------------------------------
    Component/s: Embedded


> Cannot add Elytron jdbc-realm using embedded server in admin mode
> -----------------------------------------------------------------
>
>                 Key: WFCORE-4551
>                 URL: https://issues.jboss.org/browse/WFCORE-4551
>             Project: WildFly Core
>          Issue Type: Bug
>          Components: Embedded, Security
>    Affects Versions: 8.0.0.Final, 9.0.1.Final
>            Reporter: David Gill
>            Assignee: Darran Lofthouse
>            Priority: Major
>
> On a fresh a Wildfly install (tested on 16.final and 17.final) the following jboss-cli commands will fail to add an Elytron jdbc-realm to an embedded server using the ExampleDS data source that is predefined out-of-the-box:
> {noformat}
> embed-server --server-config=standalone.xml
> /subsystem=elytron/jdbc-realm=MyRealm:add(principal-query=[{sql="SELECT * FROM Users WHERE username = ?", data-source=ExampleDS}])
> {noformat}
> Resulting in this error:
> {noformat}
> ERROR [org.jboss.as.controller.management-operation] (pool-3-thread-1) WFLYCTL0013: Operation ("add") failed - address: ([
>     ("subsystem" => "elytron"),
>     ("jdbc-realm" => "MyRealm")
> ]) - failure description: {
>     "WFLYCTL0412: Required services that are not installed:" => ["org.wildfly.data-source.ExampleDS"],
>     "WFLYCTL0180: Services with missing/unavailable dependencies" => ["org.wildfly.security.security-realm.MyRealm is missing [org.wildfly.data-source.ExampleDS]"]
> }
> {
>     "outcome" => "failed",
>     "failure-description" => {
>         "WFLYCTL0412: Required services that are not installed:" => ["org.wildfly.data-source.ExampleDS"],
>         "WFLYCTL0180: Services with missing/unavailable dependencies" => ["org.wildfly.security.security-realm.MyRealm is missing [org.wildfly.data-source.ExampleDS]"]
>     },
>     "rolled-back" => true
> }
> {noformat}
> If you instead embed the server using {{--admin-only=false}} then the jdbc-realm will be added successfully.
> A workaround seems to be to first add and remove some other type of realm with the same name as the jdbc-realm you want to add, here for example using an identity-realm:
> {noformat}
> embed-server --server-config=standalone.xml
> # First add & remove a dummy realm with the same name as the jdbc-realm you want to add
> /subsystem=elytron/identity-realm=MyRealm:add(identity='dummy identity realm')
> /subsystem=elytron/identity-realm=MyRealm:remove
> # Now the jdbc-realm will add successfully
> /subsystem=elytron/jdbc-realm=MyRealm:add(principal-query=[{sql="SELECT * FROM Users WHERE username = ?", data-source=ExampleDS}])
> {noformat}



--
This message was sent by Atlassian Jira
(v7.12.1#712002)

More information about the jboss-jira mailing list