Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-5065

[GSS](7.0.z) Setting system properties on a server-group fails when using RBAC scoped roles on admin console

    XMLWordPrintable

Details

    • Bug
    • Resolution: Done
    • Major
    • 7.0.4.CR1, 7.0.4.GA
    • 7.0.1.CR1
    • Web Console
    • None
    • Hide

      Set up domain mode.

      Enable RBAC

      /core-service=management/access=authorization:write-attribute(name=provider,value=rbac)

      Add scoped role:

      /core-service=management/access=authorization/server-group-scoped-role=DeployerIntegration:add(base-role=Administrator,server-groups=[main-server-group])
      /core-service=management/access=authorization/role-mapping=DeployerIntegration:add()
      /core-service=management/access=authorization/role-mapping=DeployerIntegration/include=user1:add(name=user1,realm=ManagementRealm,type=USER)

      Add another scoped role (similarly to the steps above) based on Monitor for other-server-group and assign this role to user1.

      User1 added above cannot edit the system properties of main-server-group on the group configuration page via admin console, the "add" and "remove" button are not visible to the user. "clear" button from JVM configuration on the same page is also missing.

      Show
      Set up domain mode. Enable RBAC /core-service=management/access=authorization:write-attribute(name=provider,value=rbac) Add scoped role: /core-service=management/access=authorization/server-group-scoped-role=DeployerIntegration:add(base-role=Administrator,server-groups= [main-server-group] ) /core-service=management/access=authorization/role-mapping=DeployerIntegration:add() /core-service=management/access=authorization/role-mapping=DeployerIntegration/include=user1:add(name=user1,realm=ManagementRealm,type=USER) Add another scoped role (similarly to the steps above) based on Monitor for other-server-group and assign this role to user1. User1 added above cannot edit the system properties of main-server-group on the group configuration page via admin console, the "add" and "remove" button are not visible to the user. "clear" button from JVM configuration on the same page is also missing.
    • EAP 7.0.4

    Attachments

      Issue Links

        clones

        Bug - A problem that impairs or prevents the functions of the product. JBEAP-6479 [GSS](7.1.0) Setting system properties on a server-group fails when using RBAC scoped roles on admin console

        • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
        • Verified
        is caused by

        Bug - A problem that impairs or prevents the functions of the product. HAL-1125 Setting system properties on a server-group fails when using RBAC scoped roles on admin console

        • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
        • Resolved
        is incorporated by

        Component Upgrade - A task tracking an update to a bundled component or revision of component upstream of the project. JBEAP-5731 (7.0.z) Upgrade HAL from 2.8.27.Final to 2.8.28.Final

        • Blocker - To be worked above all other priorities. This term is chosen when the severity of the issue is very high, has no workaround, or the effort for the change is comparatively low. Issues that may be very publicly visible and could generate significant media attention may also drive a higher priority.
        • Verified

        Activity

          People

            msmerek Martin Šmérek (Inactive)
            msmerek Martin Šmérek (Inactive)
            Pavel Jelinek Pavel Jelinek
            Pavel Jelinek Pavel Jelinek
            Votes:
            0 Vote for this issue
            Watchers:
            6 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: