Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Critical
Fix Version/s: 7.1.0.GA
Affects Version/s: 7.1.0.DR10
Component/s: Documentation
Labels:
- docs-bulk-14

CDW devel_ack:
CDW docs_ack:
CDW pm_ack:
CDW qa_ack:
CDW release:
Target Release:

7.1.0.GA
Git Pull Request:
https://gitlab.cee.redhat.com/red-hat-jboss-enterprise-application-platform-documentation/eap-documentation/commit/86aed5c9267310ed6489d80575dd94e6bda89745
Steps to Reproduce:
Hide

1) Start server

./standalone.sh

2) Configure server with CLI

/core-service=management/ldap-connection=ldapConnection:add(url="ldap://localhost:10389", search-credential="secret", search-dn="uid=admin,ou=system") /core-service=management/security-realm=ldap-realm:add() /core-service=management/security-realm=ldap-realm/authentication=ldap:add(connection=ldapConnection, base-dn="ou=People,dc=jboss,dc=org", username-attribute=uid) /core-service=management/management-interface=http-interface:write-attribute(name=security-realm, value=ldap-realm) reload

3) Access http://localhost:9990/management?operation=attribute&name=server-state in browser and provide credentials
4) Instead of 401 status code 500 is returned
Show
1) Start server ./standalone.sh 2) Configure server with CLI /core-service=management/ldap-connection=ldapConnection:add(url= "ldap: //localhost:10389" , search-credential= "secret" , search-dn= "uid=admin,ou=system" ) /core-service=management/security-realm=ldap-realm:add() /core-service=management/security-realm=ldap-realm/authentication=ldap:add(connection=ldapConnection, base-dn= "ou=People,dc=jboss,dc=org" , username-attribute=uid) /core-service=management/management- interface =http- interface :write-attribute(name=security-realm, value=ldap-realm) reload 3) Access http://localhost:9990/management?operation=attribute&name=server-state in browser and provide credentials 4) Instead of 401 status code 500 is returned

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Legacy security behaviour changed compared to EAP 7.0. When there is no LDAP server reachable, attempt to acces management interface secured by legacy ldap security realm ends with http code 500. In EAP 7.0 it was 401. There is agreement between dev and qe, that 500 is more proper code as it express server side problem.

Therefore please document this change properly. Maybe worth adding into Migration guide.

clones

JBEAP-8125 Document changed http status code in legacy ldap security realm if LDAP is unreachable

Closed

is related to

JBEAP-6402 Wrong HTTP error code for Elytron authentication when LDAP server is unreachable

Closed

Assignee:: Sande Gilda (Inactive)

Reporter:: Sande Gilda (Inactive)

Tester:: Martin Choma

QA Contact:: Martin Choma

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Created:: 2017/01/17 2:13 PM

Updated:: 2021/10/24 6:41 AM

Resolved:: 2017/01/18 1:53 PM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates