Uploaded image for project: 'HAL'
  1. HAL
  2. HAL-1125

Setting system properties on a server-group fails when using RBAC scoped roles on admin console

    XMLWordPrintable

Details

    • Bug
    • Status: Resolved (View Workflow)
    • Major
    • Resolution: Done
    • 2.5.10, 2.8.23
    • 2.9.0.Alpha1
    • Ballroom
    • None
    • Hide

      Set up domain mode.

      Enable RBAC

      /core-service=management/access=authorization:write-attribute(name=provider,value=rbac)

      Add scoped role:

      /core-service=management/access=authorization/server-group-scoped-role=DeployerIntegration:add(base-role=Administrator,server-groups=[main-server-group])
      /core-service=management/access=authorization/role-mapping=DeployerIntegration:add()
      /core-service=management/access=authorization/role-mapping=DeployerIntegration/include=user1:add(name=user1,realm=ManagementRealm,type=USER)

      Add another scoped role (similarly to the steps above) based on Monitor for other-server-group and assign this role to user1.

      Log in as user1 to admin console, go to the group configuration page, view other-server-group and than view main-server-group. user1 cannot edit the system properties of main-server-group, the "add" and "remove" button are not visible to the user. "clear" button from JVM configuration on the same page is also missing.

      Show
      Set up domain mode. Enable RBAC /core-service=management/access=authorization:write-attribute(name=provider,value=rbac) Add scoped role: /core-service=management/access=authorization/server-group-scoped-role=DeployerIntegration:add(base-role=Administrator,server-groups= [main-server-group] ) /core-service=management/access=authorization/role-mapping=DeployerIntegration:add() /core-service=management/access=authorization/role-mapping=DeployerIntegration/include=user1:add(name=user1,realm=ManagementRealm,type=USER) Add another scoped role (similarly to the steps above) based on Monitor for other-server-group and assign this role to user1. Log in as user1 to admin console, go to the group configuration page, view other-server-group and than view main-server-group. user1 cannot edit the system properties of main-server-group, the "add" and "remove" button are not visible to the user. "clear" button from JVM configuration on the same page is also missing.

    Attachments

      Issue Links

        Activity

          People

            msmerek Martin Šmérek (Inactive)
            msmerek Martin Šmérek (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: