Uploaded image for project: 'WildFly Core'
  1. WildFly Core
  2. WFCORE-1606

Server reload is needed for modified security-realm even if {allow-resource-service-restart=true} is used

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Major Major
    • 3.0.0.Beta27
    • 2.0.10.Final
    • Management, Security
    • None
    • Hide

      Start application server with default configuration execute following CLI commands:

      /core-service=management/ldap-connection=ldap-connection:add(search-dn="uid=admin,ou=system",search-credential="secret", url="ldap://localhost:10389")
      /core-service=management/security-realm=ManagementRealm/authentication=properties:remove(){allow-resource-service-restart=true}
      /core-service=management/security-realm=ManagementRealm/authentication=ldap:add(connection="ldap-connection",base-dn="ou=People,dc=jboss,dc=org",username-attribute=uid){allow-resource-service-restart=true}
      

      When you execute CLI command

      read-attribute server-state
      

      you will see that server is not in state reload-required. However when you access Management Console then newly configured LDAP authentication is not taken into account until server is reloaded.

      Show
      Start application server with default configuration execute following CLI commands: /core-service=management/ldap-connection=ldap-connection:add(search-dn= "uid=admin,ou=system" ,search-credential= "secret" , url= "ldap: //localhost:10389" ) /core-service=management/security-realm=ManagementRealm/authentication=properties:remove(){allow-resource-service-restart= true } /core-service=management/security-realm=ManagementRealm/authentication=ldap:add(connection= "ldap-connection" ,base-dn= "ou=People,dc=jboss,dc=org" ,username-attribute=uid){allow-resource-service-restart= true } When you execute CLI command read-attribute server-state you will see that server is not in state reload-required. However when you access Management Console then newly configured LDAP authentication is not taken into account until server is reloaded.

      When security-realm, which is set as http-interface security-realm in management-interfaces, is modified and operation used

      {allow-resource-service-restart=true}

      header then server is NOT in reload-required state but modified security realm does not work correctly until server is manually reloaded.

              ehugonne1@redhat.com Emmanuel Hugonnet
              olukas Ondrej Lukas (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved: