Loading...

XML

Word

Printable

Type: Bug
Resolution: Duplicate
Priority: Critical
Fix Version/s: None
Affects Version/s: 7.1.0.DR14
Component/s: Security
Labels:
None

CDW devel_ack:
CDW docs_ack:
CDW pm_ack:
CDW qa_ack:
CDW release:
Target Release:

7.1.0.GA
Steps to Reproduce:
Hide

1) Change http-interface to use Elytron:

<http-interface http-authentication-factory="management-http-authentication"> <http-upgrade enabled="true" sasl-authentication-factory="management-sasl-authentication"/> <socket-binding http="management-http"/> </http-interface>

2) Start application server and add user through add-user.sh:

./bin/add-user.sh -u user -p pass@123 -r ManagementRealm

3) Try to access Management Console with added user - it will fail

4) Reload server and try to access Management Console with added user again - it will passes
Show
1) Change http-interface to use Elytron: <http- interface http-authentication-factory= "management-http-authentication" > <http-upgrade enabled= " true " sasl-authentication-factory= "management-sasl-authentication" /> <socket-binding http= "management-http" /> </http- interface > 2) Start application server and add user through add-user.sh: ./bin/add-user.sh -u user -p pass@123 -r ManagementRealm 3) Try to access Management Console with added user - it will fail 4) Reload server and try to access Management Console with added user again - it will passes

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Elytron properties-realm reads users only during server start. As consequence it means that when Elytron properties-realm is used for securing management interface and user is added through add-user.sh script then authentication with that user is not possible until server is reloaded/restarted. In legacy security, users can be added and used without needed of reloading server.

duplicates

JBEAP-8443 There isn't possibility log in to management web console as user which was dynamically added after EAP was started.

Closed

JBEAP-11251 [DOC RFE]There isn't possibility log in to management web console as user which was dynamically added after EAP was started.

Closed

is cloned by

WFCORE-2569 Elytron properties-realm is not able to read users dynamically

Closed

Assignee:: Unassigned

Reporter:: Ondrej Lukas (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Created:: 2017/03/22 3:36 AM

Updated:: 2017/05/31 10:43 AM

Resolved:: 2017/03/22 7:04 AM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates