Uploaded image for project: 'Infinispan'
  1. Infinispan
  2. ISPN-7264

Administration console - BULK_READ permission is not set in identity/role

    XMLWordPrintable

Details

    • Bug
    • Resolution: Done
    • Major
    • 9.0.0.Beta2
    • None
    • Console
    • None
    • Hide

      Add security to a container, set up an appropriate role with permissions, restart server and finally go to cache container configuration page. You should get an error modal dialog

      Show
      Add security to a container, set up an appropriate role with permissions, restart server and finally go to cache container configuration page. You should get an error modal dialog

    Description

      It appears that BULK_READ permission is nor properly wired/transferred into API invocations. When attempting to access schema names we get the following exceptions in the server:

      [Server:server-two] 11:51:44,982 ERROR [org.jboss.as.controller.management-operation] (ServerService Thread Pool – 33) WFLYCTL0013: Operation ("get-proto-schema-names") failed - address: ([
      [Server:server-two] ("subsystem" => "datagrid-infinispan"),
      [Server:server-two] ("cache-container" => "clustered")
      [Server:server-two] ]) - failure description: "DGISPN0118: Failed to invoke operation: ISPN000287: Unauthorized access: subject 'Subject with principal(s): [vladimir@ManagementRealm, InetAddressPrincipal <127.0.0.1/127.0.0.1>]' lacks 'BULK_READ' permission"

      However, we have set this permission for the role identity/role making invocations (i.e vladimir in the example above)

      Attachments

        Issue Links

          is cloned by

          Bug - A problem that impairs or prevents the functions of the product. JDG-651 Administration console - BULK_READ permission is not set in identity/role

          • Minor - To be worked after urgent, high, and medium priorities are resolved. This term is chosen when the severity of the issue is low, or the complexity or effort to correct it may be higher, relatively speaking. For low priority issues, known workarounds exist or are not needed due to the trivial effort needed to address the issue.
          • Closed
          relates to

          Bug - A problem that impairs or prevents the functions of the product. ISPN-7333 BULK_READ permission is not set in identity/role

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed

          Activity

            People

              vblagoje Vladimir Blagojevic (Inactive)
              vblagoje Vladimir Blagojevic (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: