Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-5065

[GSS](7.0.z) Setting system properties on a server-group fails when using RBAC scoped roles on admin console

    XMLWordPrintable

Details

    • Hide

      Set up domain mode.

      Enable RBAC

      /core-service=management/access=authorization:write-attribute(name=provider,value=rbac)

      Add scoped role:

      /core-service=management/access=authorization/server-group-scoped-role=DeployerIntegration:add(base-role=Administrator,server-groups=[main-server-group])
      /core-service=management/access=authorization/role-mapping=DeployerIntegration:add()
      /core-service=management/access=authorization/role-mapping=DeployerIntegration/include=user1:add(name=user1,realm=ManagementRealm,type=USER)

      Add another scoped role (similarly to the steps above) based on Monitor for other-server-group and assign this role to user1.

      User1 added above cannot edit the system properties of main-server-group on the group configuration page via admin console, the "add" and "remove" button are not visible to the user. "clear" button from JVM configuration on the same page is also missing.

      Show
      Set up domain mode. Enable RBAC /core-service=management/access=authorization:write-attribute(name=provider,value=rbac) Add scoped role: /core-service=management/access=authorization/server-group-scoped-role=DeployerIntegration:add(base-role=Administrator,server-groups= [main-server-group] ) /core-service=management/access=authorization/role-mapping=DeployerIntegration:add() /core-service=management/access=authorization/role-mapping=DeployerIntegration/include=user1:add(name=user1,realm=ManagementRealm,type=USER) Add another scoped role (similarly to the steps above) based on Monitor for other-server-group and assign this role to user1. User1 added above cannot edit the system properties of main-server-group on the group configuration page via admin console, the "add" and "remove" button are not visible to the user. "clear" button from JVM configuration on the same page is also missing.
    • EAP 7.0.4

    Attachments

      Issue Links

        Activity

          People

            msmerek Martin Šmérek (Inactive)
            msmerek Martin Šmérek (Inactive)
            Pavel Jelinek Pavel Jelinek
            Pavel Jelinek Pavel Jelinek
            Votes:
            0 Vote for this issue
            Watchers:
            6 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: