Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Blocker
Fix Version/s: 7.1.0.DR19
Affects Version/s: 7.1.0.DR13
Component/s: Security
Labels:

CDW devel_ack:
CDW docs_ack:
CDW pm_ack:
CDW qa_ack:
CDW release:
Target Release:

7.1.0.GA
Steps to Reproduce:
Hide

create Elytron ldap-realm based on LDAP with an existing identity

try to read the existing identity, e.g. /subsystem=elytron/ldap-realm=ldapRealm/identity=ldapUser:read-identity

/subsystem=elytron/dir-context=dc:add(url="ldap://localhost:10389",authentication-level=none) /subsystem=elytron/ldap-realm=lr:add(dir-context=dc,direct-verification=true,identity-mapping={filter-name="(uid={0})",iterator-filter="(uid=*)",new-identity-attributes=[],new-identity-parent-dn="dc=example,dc=com",use-recursive-search=true,search-base-dn="dc=example,dc=com",rdn-identifier=uid}) /subsystem=elytron/ldap-realm=lr:read-resource

(identities should be listed in result)
Show
create Elytron ldap-realm based on LDAP with an existing identity try to read the existing identity, e.g. /subsystem=elytron/ldap-realm=ldapRealm/identity=ldapUser:read-identity /subsystem=elytron/dir-context=dc:add(url= "ldap: //localhost:10389" ,authentication-level=none) /subsystem=elytron/ldap-realm=lr:add(dir-context=dc,direct-verification= true ,identity-mapping={filter-name= "(uid={0})" ,iterator-filter= "(uid=*)" , new -identity-attributes=[], new -identity-parent-dn= "dc=example,dc=com" ,use-recursive-search= true ,search-base-dn= "dc=example,dc=com" ,rdn-identifier=uid}) /subsystem=elytron/ldap-realm=lr:read-resource (identities should be listed in result)

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Elytron ldap-realm should load existing identities from LDAP. The steps to reproduce results in:

{"outcome" => "failed","failure-description" => "WFLYCTL0216: Management resource '[
    (\"subsystem\" => \"elytron\"),
    (\"ldap-realm\" => \"ldapRealm\"),
    (\"identity\" => \"ldapUser\")
]' not found","rolled-back" => true}

Authn/authz against the realm works as expected.

This issue seems to be related to the similar issue in filesystem-realm, see ~~JBEAP-9462~~.

The impacted feature is tech preview, hence the Major Priority is set.

blocks

JBEAP-10532 Elytron subsystem - Missing OTP support in set-password operation on identity in filesystem-realm

Closed

is caused by

WFCORE-2691 Elytron modifiable realms should show existing identities in subsystem

Resolved

is incorporated by

JBEAP-10845 (7.1.0) Upgrade to WildFly Core to 3.0.0.Beta23

Closed

is related to

JBEAP-9462 Elytron filesystem-realm should load existing identities from file system

Closed

Assignee:: Jan Kalina (Inactive)

Reporter:: Ondrej Kotek

Tester:: Ondrej Kotek

QA Contact:: Ondrej Kotek

Votes:: 0 Vote for this issue

Watchers:: 5 Start watching this issue

Created:: 2017/03/14 7:41 AM

Updated:: 2024/09/02 4:40 PM

Resolved:: 2017/05/18 11:24 AM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates