Uploaded image for project: 'JBoss Server Migration Tool'
  1. JBoss Server Migration Tool
  2. CMTOOL-255

Broken 'domain.xml' after migration of <host-scoped-roles> leading to 'Boostrap error' in HAL

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Not a Bug
    • Icon: Major Major
    • None
    • None
    • EAP 7.2
    • None

      Description:

      When migrating a domain configuration from JBoss EAP 7.1.6 having a broken <host-scoped-roles> configuration, the resulting domain.xml on EAP 7.2 is broken as well.

      JBoss EAP 7.1 is relaxed during accessing the HAL and simply ignores the broken configuration, whereas JBoss EAP 7.2 will not allow access to the HAL and report a Bootstrap error.

      The jboss-server-migration.[sh|bat] should identify this broken configuration and deny the migration of it.

      Reproduce:

      • Install a vanilla JBoss EAP 7.1.6 and a vanilla JBoss EAP 7.2.3
      • On JBoss EAP 7.1.6 change the domain.xml/management configuration to this: 
            <management>
        <access-control provider="simple">
            <host-scoped-roles>
                <role name="custom-role-name" base-role="Administrator">
                </role>
            </host-scoped-roles>
            <role-mapping>
                <role name="SuperUser">
                    <include>
                        <user name="$local"/>
                    </include>
                </role>
            </role-mapping>
        </access-control>
    </management>
      • Run the migration $JBOSS_72_HOME/bin/jboss-server-migration.sh -s $JBOSS_71_HOME -t $JBOSS_72_HOME
      • Add an arbitrary management user to JBoss EAP 7.2.3
      • Start JBoss EAP 7.2.3 server in domain mode and access the HAL http://localhost:9990

            emartins@redhat.com Eduardo Martins
            rhn-support-jbaesner Joerg Baesner
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: