Uploaded image for project: 'HAL'
  1. HAL
  2. HAL-1282

Web console RBAC Users/Groups descriptions are confusing

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Major Major
    • 2.9.2.Final
    • 2.8.26
    • Access Control
    • None
    • Hide

      **original issue**
      1. run JBoss EAP
      JBOSS_HOME/bin > ./sh
      2. login JBoss EAP Web Admin Console
      3. try Add User
      http://localhost:9999/console/App.html#rbac
      4. input non-alphnumeric name
      "Add" button
      5. see the created non-alphnumeric name user.

      See the attached image files.

      Show
      ** original issue ** 1. run JBoss EAP JBOSS_HOME/bin > ./sh 2. login JBoss EAP Web Admin Console 3. try Add User http://localhost:9999/console/App.html#rbac 4. input non-alphnumeric name "Add" button 5. see the created non-alphnumeric name user. See the attached image files.

      As original issue stated, the descriptions of Users and Groups under Access Control tab can be confusing. The proposition is to change the descriptions of these selections and the names of the Add User / Add group dialogs respectively to avoid confusion with actual users managing.

      **original issue**
      Non-alphanumeric username registration bug in JBoss EAP Web Admin console
      When registering a new user using the "JBoss EAP Admin Web Console / Access Control / Users / Add" menu, a non-alphanumeric user name can be entered in the user name without error.

      If you enter a non-alphanumeric user name in the user name using add-user.bat or add-user.sh in the command window or shell, the following error response will be printed to reject the wrong user input.

      ./add-user.sh
      
      What type of user do you wish to add? 
       a) Management User (mgmt-users.properties) 
       b) Application User (application-users.properties)
      (a): 
      
      Enter the details of the new user to add.
      Using realm 'ManagementRealm' as discovered from the existing property files.
      Username : <!--
      
       * Error * 
      WFLYDM0028: Username must be alphanumeric with the exception of the following accepted symbols (",", "-", ".", "/", "=", "@", "\")
      
      Username (<!--) : 
      
       * Error * 
      WFLYDM0028: Username must be alphanumeric with the exception of the following accepted symbols (",", "-", ".", "/", "=", "@", "\")
      
      Username (<!--) : 
      
       * Error * 
      WFLYDM0028: Username must be alphanumeric with the exception of the following accepted symbols (",", "-", ".", "/", "=", "@", "\")
      
      Username (<!--) : 
      
       * Error * 
      WFLYDM0028: Username must be alphanumeric with the exception of the following accepted symbols (",", "-", ".", "/", "=", "@", "\")
      
      Username (<!--) : 
      

      The JBoss EAP Admin Web Console must be modified to prevent non-alphanumeric user names from being registered, such as add-user.sh.

            mstefank Martin Stefanko
            jcha@redhat.com Jung Ho Cha (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: