[jboss-jira] [JBoss JIRA] (WFWIP-316) Different behaviour of ADMIN_PASSWORD and securing management interface

[Jeff Mesnil (Jira)]

    [ https://issues.redhat.com/browse/WFWIP-316?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14093673#comment-14093673 ] 

Jeff Mesnil commented on WFWIP-316:
-----------------------------------

[~mchoma] I'm not sure that this issue is blocker.

As I understand it, the issue  is related to the use of Elytron vs legacy security. If the application is configured with Elytron (instead of legacy security) on EAP 7.3.1, the test would fail, is that right?

I would agree with Jean-Francois that the test fixture could be updated in that case and remove --no-local-auth.


> Different behaviour of ADMIN_PASSWORD and securing management interface
> -----------------------------------------------------------------------
>
>                 Key: WFWIP-316
>                 URL: https://issues.redhat.com/browse/WFWIP-316
>             Project: WildFly WIP
>          Issue Type: Bug
>          Components: OpenShift
>            Reporter: Martin Choma
>            Assignee: Jeff Mesnil
>            Priority: Blocker
>              Labels: EAP-XP1
>
> With XP image started to fail test where {{ADMIN_PASSWORD}} env var is empty. Because test is expecting management interface to be unsecured in that case. But this does not happen and management interface is secured with SASL authentication factory. Test is using CLI so it is SASL which is used for accessing management interface.
> Seems in other images CD, 7.3.0.GA (with legacy security in place) when {{ADMIN_PASSWORD}} was empty management interface was left unsecured.
> Seems to me we should be consistent between legacy security and Elytron approach of securing OpenShift images.



--
This message was sent by Atlassian Jira
(v7.13.8#713008)