Details
-
Bug
-
Resolution: Done
-
Major
-
JDG 7.2.2 GA
-
None
Description
I configured cache container security in JDG 7.2.2 in standalone.xml file :
~~~
<cache-container name="local" default-cache="default" statistics="true">
<security>
<authorization>
<identity-role-mapper />
<role name="admin" permissions="ALL"/>
</authorization>
</security>
~~~
I created a management user "Saurabh" and assigned role "admin" to him- PFA attached mgmt-groups.properties.
Below is the exception snippet :
~~~
2018-09-18 22:57:57,118 ERROR [org.jboss.as.controller.management-operation] (External Management Request Threads – 4) WFLYCTL0013: Operation ("read-attribute") failed - address: ([
("subsystem" => "datagrid-infinispan"),
("cache-container" => "local")
]): java.lang.SecurityException: ISPN000287: Unauthorized access: subject 'Subject with principal(s): [org.jboss.as.core.security.SimplePrincipal@6f98bb1c, saurabh@ManagementRealm, admin@ManagementRealm, admin, InetAddressPrincipal <127.0.0.1/127.0.0.1>]' lacks 'ADMIN' permission
at org.infinispan.security.impl.AuthorizationHelper.checkPermission(AuthorizationHelper.java:87)
~~~