Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Major
Fix Version/s: 7.3.0.GA, 7.3.5.GA, 7.3.5.CR1
Affects Version/s: 7.2.7.GA
Component/s: Security
Labels:
- test_included

CDW devel_ack:
CDW docs_ack:
CDW pm_ack:
CDW qa_ack:
CDW release:
QE Test Coverage:
+
Target Release:

7.3.z.GA
Git Pull Request:
https://github.com/wildfly/wildfly-core/pull/3729/commits/8dcc2c712420b7b29e8d0b545a42e74021ed2825, https://github.com/wildfly/wildfly-core/pull/3861/commits/e5696bb24982df9c3fd8e7285f407e8d0e4dc711

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

We use an legacy loginmodule following the elytron documentation:

<susbsytem xmlns="urn:jboss:domain:security:2.0">
...
<elytron-integration>
<security-realms>
<elytron-realm name="legacy-web-realm" legacy-jaas-config="legacy-web-domain"/>
</security-realms>

...
<subsystem xmlns="urn:wildfly:elytron:4.0"
...
<security-domains>
<security-domain name="app-web-domain" default-realm="legacy-web-realm" permission-mapper="default-permission-mapper">
<realm name="legacy-web-realm" />}
</security-domain>
....

This works fine if we configure the server manually.

If we configure the server automatically, we start the server in admin-only modus. This leads to the follwing error:

16:05:01,584 ERROR [org.jboss.as.controller.management-operation] (Controller Boot Thread) WFLYCTL0013: Operation ("add") failed - address: ([
("subsystem" => "elytron"),
("security-domain" => "app-web-domain")
]) - failure description: {
"WFLYCTL0412: Required services that are not installed:" => ["org.wildfly.security.security-realm.legacy-web-realm"],
"WFLYCTL0180: Services with missing/unavailable dependencies" => ["org.wildfly.security.security-domain.app-web-domain.initial is missing [org.wildfly.security.security-realm.legacy-web-realm]"]
}

It's also not possible to configure the elytron security with CLI if the server runs in admin-only.

[standalone@186.22.140.164:10590 /] /subsystem=elytron/security-domain=app-web-domain:add(realms=[{realm=
ApplicationRealm legacy-web-realm local ManagementRealm
{{[standalone@186.22.140.164:10590 /] /subsystem=elytron/security-domain=app-web-domain:add(realms=[

{realm=legacy-web-realm}

],default-realm=legacy-web-realm)}}
16:13:09,583 ERROR [org.jboss.as.controller.management-operation] (management-handler-thread - 1) WFLYCTL0013: Operation ("add") failed - address: ([
("subsystem" => "elytron"),
("security-domain" => "app-web-domain")
]) - failure description: {
"WFLYCTL0412: Required services that are not installed:" => ["org.wildfly.security.security-realm.legacy-web-realm"],
"WFLYCTL0180: Services with missing/unavailable dependencies" => ["org.wildfly.security.security-domain.app-web-domain.initial is missing [org.wildfly.security.security-realm.legacy-web-realm]"]
}

is incorporated by

WFCORE-4407 Cannot configure Elytron security domain using embedded server in admin mode

Resolved

Assignee:: Ilia Vassilev

Reporter:: Daniel Straub (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 6 Start watching this issue

Created:: 2020/08/28 10:14 AM

Updated:: 2024/08/27 1:48 PM

Resolved:: 2020/09/25 4:05 PM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates