Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-18921

Cannot configure Elytron legacy security domain integration in admin-only mode

    XMLWordPrintable

Details

    • Bug
    • Resolution: Done
    • Blocker
    • 7.4.0.CD19
    • 7.4.0.CD19
    • None
    • None

    Description

      The following sequence can be configured using the embedded server, however it doesn't work when we start the server in admin only:

      /subsystem=security/security-domain=HiThere:add(cache-type=default)
/subsystem=security/security-domain=HiThere/authentication=classic:add(login-modules=[{code="UsersRoles", flag=required, module-options={"usersProperties"=>"${jboss.server.config.dir}/users.properties","rolesProperties"=>"${jboss.server.config.dir}/roles.properties"}}])
/subsystem=security/elytron-realm=HiThere:add(legacy-jaas-config=HiThere)
/subsystem=elytron/security-domain=HiThere:add(realms=[{realm=HiThere}],default-realm=HiThere,permission-mapper=default-permission-mapper)
/subsystem=elytron/http-authentication-factory=HiThere-http:add(http-server-mechanism-factory=global,security-domain=HiThere,mechanism-configurations=[{mechanism-name=BASIC},{mechanism-name=FORM}])

      Executing it in admin-only mode, the following exception is thrown on the last command:

      [standalone@localhost:9990 /] /subsystem=elytron/http-authentication-factory=HiThere-http:add(http-server-mechanism-factory=global,security-domain=HiThere,mechanism-configurations=[{mechanism-name=BASIC},{mechanism-name=FORM}])
{
    "outcome" => "failed",
    "failure-description" => undefined,
    "rolled-back" => true
}

      11:43:43,034 INFO  [org.jboss.as] (Controller Boot Thread) WFLYSRV0025: WildFly Full 19.0.0.Beta2-SNAPSHOT (WildFly Core 11.0.0.Beta8-SNAPSHOT) started in 129ms - Started 81 of 90 services (32 services are lazy, passive or on-demand)
11:43:47,923 INFO  [org.jboss.as.controller] (management-handler-thread - 1) WFLYCTL0183: Service status report
WFLYCTL0184:    New missing/unsatisfied dependencies:
      service org.wildfly.security.security-realm.HiThere (missing) dependents: [service org.wildfly.security.security-domain.HiThere.initial]
WFLYCTL0448: 1 additional services are down due to their dependencies being missing or failed

      The execution using the embedded server works fine.

      This issue basically is a follow up on WFCORE-4407, where we fixed this issue on the embedded server, however, it looks like we were pretty conservative with the changes. Now we need this on a standard admin-only server mode to allow cloud images to apply the server configuration using CLI operations.

      Attachments

        Issue Links

          clones

          Bug - A problem that impairs or prevents the functions of the product. WFCORE-4833 Cannot configure Elytron legacy security domain integration in admin-only mode

          • Blocker - To be worked above all other priorities. This term is chosen when the severity of the issue is very high, has no workaround, or the effort for the change is comparatively low. Issues that may be very publicly visible and could generate significant media attention may also drive a higher priority.
          • Closed

          Activity

            People

              yborgess1@redhat.com Yeray Borges Santana
              yborgess1@redhat.com Yeray Borges Santana
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: