Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Critical
Fix Version/s: 7.1.0.GA
Affects Version/s: 7.1.0.DR10
Component/s: Documentation
Labels:
- docs-bulk-14

CDW devel_ack:
CDW docs_ack:
CDW pm_ack:
CDW qa_ack:
CDW release:
Target Release:

7.1.0.GA
Git Pull Request:
https://gitlab.cee.redhat.com/red-hat-jboss-enterprise-application-platform-documentation/eap-documentation/merge_requests/2452
Steps to Reproduce:
Hide

1) Start server

./standalone.sh

2) Configure server with CLI

/core-service=management/ldap-connection=ldapConnection:add(url="ldap://localhost:10389", search-credential="secret", search-dn="uid=admin,ou=system") /core-service=management/security-realm=ldap-realm:add() /core-service=management/security-realm=ldap-realm/authentication=ldap:add(connection=ldapConnection, base-dn="ou=People,dc=jboss,dc=org", username-attribute=uid) /core-service=management/management-interface=http-interface:write-attribute(name=security-realm, value=ldap-realm) reload

3) Access http://localhost:9990/management?operation=attribute&name=server-state in browser and provide credentials
4) Instead of 401 status code 500 is returned
Show
1) Start server ./standalone.sh 2) Configure server with CLI /core-service=management/ldap-connection=ldapConnection:add(url= "ldap: //localhost:10389" , search-credential= "secret" , search-dn= "uid=admin,ou=system" ) /core-service=management/security-realm=ldap-realm:add() /core-service=management/security-realm=ldap-realm/authentication=ldap:add(connection=ldapConnection, base-dn= "ou=People,dc=jboss,dc=org" , username-attribute=uid) /core-service=management/management- interface =http- interface :write-attribute(name=security-realm, value=ldap-realm) reload 3) Access http://localhost:9990/management?operation=attribute&name=server-state in browser and provide credentials 4) Instead of 401 status code 500 is returned

SFDC Cases Counter:
SFDC Cases Links:

Legacy security behaviour changed compared to EAP 7.0. When there is no LDAP server reachable, attempt to acces management interface secured by legacy ldap security realm ends with http code 500. In EAP 7.0 it was 401. There is agreement between dev and qe, that 500 is more proper code as it express server side problem.

Therefore please document this change properly. Maybe worth adding into Migration guide.

is cloned by

JBEAP-8323 [7.1] Migration Guide -Document changed http status code in legacy ldap security realm if LDAP is unreachable

Closed

is related to

JBEAP-6402 Wrong HTTP error code for Elytron authentication when LDAP server is unreachable

Closed

Assignee:: Zach Rhoads (Inactive)

Reporter:: Martin Choma

Tester:: Martin Choma

QA Contact:: Martin Choma

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Created:: 2017/01/06 9:05 AM

Updated:: 2017/07/06 10:57 AM

Resolved:: 2017/01/18 3:13 PM

Details

Description

Attachments

Issue Links

Activity

People

Dates