Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-7511

Permission added using list-add should be validated before adding to Elytron constant-permission-mapper or simple-permission-mapper

    XMLWordPrintable

Details

    • User Experience
    • Hide 
      /subsystem=elytron/constant-permission-mapper=cpm:add
/subsystem=elytron/constant-permission-mapper=cpm:list-add(name=permissions,value={class-name=java.io.FilePermission})
reload
      Show
      /subsystem=elytron/constant-permission-mapper=cpm:add /subsystem=elytron/constant-permission-mapper=cpm:list-add(name=permissions,value={class-name=java.io.FilePermission}) reload

    Description

      Permission object added using list-add operation should be validated before being added to constant-permission-mapper or simple-permission-mapper.

      The reproducer should behave like

      [standalone@localhost:9990 /] /subsystem=elytron/constant-permission-mapper=cpm:add(permissions=[{class-name=java.io.FilePermission}])
{
    "outcome" => "failed",
    "failure-description" => {
        "WFLYCTL0080: Failed services" => {"org.wildfly.security.permission-mapper.cpm" => "org.jboss.msc.service.StartException in service org.wildfly.security.permission-mapper.cpm: WFLYELY00021: Exception while creating the permission object for the permission mapping. Please check [class-name], [target-name] (name of permission) and [action] of [java.io.FilePermission].
    Caused by: java.lang.IllegalArgumentException: invalid actions mask"},
        "WFLYCTL0412: Required services that are not installed:" => ["org.wildfly.security.permission-mapper.cpm"],
        "WFLYCTL0180: Services with missing/unavailable dependencies" => undefined
    },
    "rolled-back" => true
}

      Attachments

        Issue Links

          is cloned by

          Bug - A problem that impairs or prevents the functions of the product. WFCORE-2401 Permission added using list-add should be validated before adding to Elytron constant-permission-mapper or simple-permission-mapper

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Resolved

          Activity

            People

              Unassigned Unassigned
              okotek@redhat.com Ondrej Kotek
              Ondrej Kotek Ondrej Kotek
              Ondrej Kotek Ondrej Kotek
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: