Status: Closed (View Workflow)
Create user with admin role, but without ___script_manager and ___schema_manager roles
Start the server with security enabled.
e.g. standalone with attached configuration (but the issue is present in domain mode as well)
bin/standalone.sh -c standalone-auth.xml
click on cache container -> configuration
result: the console is stuck with loading icon (it's still responding)
Server log show:
ERROR [org.jboss.as.controller.management-operation] (External Management Request Threads – 9) WFLYCTL0013: Operation ("get-proto-schema-names") failed - address: ([
]) - failure description: "DGISPN0118: Failed to invoke operation: ISPN000287: Unauthorized access: subject 'Subject with principal(s): [org.jboss.as.core.security.SimplePrincipal@36ebcb, user@ManagementRealm, admin@ManagementRealm, InetAddressPrincipal <127.0.0.1/127.0.0.1>]' lacks 'BULK_READ' permission"
Expected result: there should be an error message in the console informing the user that he doesn't have required permissions.
Another issue: User have admin role, so he should be able to access configuration page, he shouldn't be able to access scripts and schemes configuration because he lacks ,___script_manager and ___schema_manager