Uploaded image for project: 'Red Hat Fuse'
  1. Red Hat Fuse
  2. ENTESB-6470

Make sure Hawtio v2 works on EAP even if RBAC is enabled

XMLWordPrintable

    • Icon: Task Task
    • Resolution: Done
    • Icon: Major Major
    • fuse-7.0
    • None
    • Hawtio
    • % %
    • Fuse 7.0 Sprint 26

      Hawtio v1 had an issue with EAP RBAC (ENTESB-6281) so let's make sure it won't regress in v2.

      In addition, according to rhn-support-dlofthouse:

      FYI moving to standard web container managed authentication would be a good step. I would suggest don't do anything more complex than using mechanisms already offered by the server today.

      Once we have switched to WildFly Elytron the same security framework will be used for both application security and management security - we do expect distinct security domains will be used in the default configuration, however the new framework contains identity inflow support so in the future it will hopefully be possible to inflow the identity authentication in the application tier into the management tier and assign management roles at that time independent of the application roles they may also have been granted.

      Probably it's good chance to explore if it's possible to simplify AuthenticationFilter for v2.

              rhn-support-tasato Tadayoshi Sato
              rhn-support-tasato Tadayoshi Sato
              Votes:
              0 Vote for this issue
              Watchers:
              7 Start watching this issue

                Created:
                Updated:
                Resolved: