Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-18921

Cannot configure Elytron legacy security domain integration in admin-only mode

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Blocker Blocker
    • 7.4.0.CD19
    • 7.4.0.CD19
    • None
    • None

      The following sequence can be configured using the embedded server, however it doesn't work when we start the server in admin only:

      /subsystem=security/security-domain=HiThere:add(cache-type=default)
      /subsystem=security/security-domain=HiThere/authentication=classic:add(login-modules=[{code="UsersRoles", flag=required, module-options={"usersProperties"=>"${jboss.server.config.dir}/users.properties","rolesProperties"=>"${jboss.server.config.dir}/roles.properties"}}])
      /subsystem=security/elytron-realm=HiThere:add(legacy-jaas-config=HiThere)
      /subsystem=elytron/security-domain=HiThere:add(realms=[{realm=HiThere}],default-realm=HiThere,permission-mapper=default-permission-mapper)
      /subsystem=elytron/http-authentication-factory=HiThere-http:add(http-server-mechanism-factory=global,security-domain=HiThere,mechanism-configurations=[{mechanism-name=BASIC},{mechanism-name=FORM}])
      

      Executing it in admin-only mode, the following exception is thrown on the last command:

      [standalone@localhost:9990 /] /subsystem=elytron/http-authentication-factory=HiThere-http:add(http-server-mechanism-factory=global,security-domain=HiThere,mechanism-configurations=[{mechanism-name=BASIC},{mechanism-name=FORM}])
      {
          "outcome" => "failed",
          "failure-description" => undefined,
          "rolled-back" => true
      }
      
      11:43:43,034 INFO  [org.jboss.as] (Controller Boot Thread) WFLYSRV0025: WildFly Full 19.0.0.Beta2-SNAPSHOT (WildFly Core 11.0.0.Beta8-SNAPSHOT) started in 129ms - Started 81 of 90 services (32 services are lazy, passive or on-demand)
      11:43:47,923 INFO  [org.jboss.as.controller] (management-handler-thread - 1) WFLYCTL0183: Service status report
      WFLYCTL0184:    New missing/unsatisfied dependencies:
            service org.wildfly.security.security-realm.HiThere (missing) dependents: [service org.wildfly.security.security-domain.HiThere.initial]
      WFLYCTL0448: 1 additional services are down due to their dependencies being missing or failed
      
      

      The execution using the embedded server works fine.

      This issue basically is a follow up on WFCORE-4407, where we fixed this issue on the embedded server, however, it looks like we were pretty conservative with the changes. Now we need this on a standard admin-only server mode to allow cloud images to apply the server configuration using CLI operations.

              yborgess1@redhat.com Yeray Borges Santana
              yborgess1@redhat.com Yeray Borges Santana
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

                Created:
                Updated:
                Resolved: