Loading...

XML

Word

Printable

Type: Bug
Resolution: Obsolete
Priority: Major
Fix Version/s: None
Affects Version/s: 3.0.0.Beta7
Component/s: Security
Labels:
- user_experience

There are complicated failure-descriptions in Elytron simple-permission-mapper. They include some details from exceptions which are not needed and can be confused for non-java administrators. Please handle these exceptions and provide some user friendly failure-description.

Examples of complicated failure-description in simple-permission-mapper:

Wrong name of permission class:

/subsystem=elytron/simple-permission-mapper=mapper:add(permission-mappings=[{permissions=[{action=read,class-name=org.wildfly.security.auth.permission.WrongLoginPermission,target-name=someName}]}])
{
    "outcome" => "failed",
    "failure-description" => {
        "WFLYCTL0080: Failed services" => {"org.wildfly.security.permission-mapper.mapper" => "org.jboss.msc.service.StartException in service org.wildfly.security.permission-mapper.mapper: WFLYELY00021: Exception while creating the permission object for the permission mapping. Please check [class-name], [target-name] (name of permission) and [action] of [org.wildfly.security.auth.permission.WrongLoginPermission].
    Caused by: org.wildfly.security.permission.InvalidPermissionClassException: ELY03015: Could not load permission class \"org.wildfly.security.auth.permission.WrongLoginPermission\"
    Caused by: java.lang.ClassNotFoundException: org.wildfly.security.auth.permission.WrongLoginPermission from [Module \"org.wildfly.extension.elytron:main\" from local module loader @5479e3f (finder: local module finder @27082746 (roots: /home/olukas/workspace/uxcli/jboss-eap-7.1/modules,/home/olukas/workspace/uxcli/jboss-eap-7.1/modules/system/layers/base))]"},
        "WFLYCTL0412: Required services that are not installed:" => ["org.wildfly.security.permission-mapper.mapper"],
        "WFLYCTL0180: Services with missing/unavailable dependencies" => undefined
    },
    "rolled-back" => true
}

Adding permission, but non existing module is used:

/subsystem=elytron/simple-permission-mapper=mapper:add(permission-mappings=[{permissions=[{action=read,class-name=org.wildfly.security.auth.permission.LoginPermission,target-name=someName,module=some.nonexist.module}]}])
{
    "outcome" => "failed",
    "failure-description" => {
        "WFLYCTL0080: Failed services" => {"org.wildfly.security.permission-mapper.mapper" => "org.jboss.msc.service.StartException in service org.wildfly.security.permission-mapper.mapper: org.jboss.modules.ModuleNotFoundException: some.nonexist.module:main
    Caused by: org.jboss.modules.ModuleNotFoundException: some.nonexist.module:main"},
        "WFLYCTL0412: Required services that are not installed:" => ["org.wildfly.security.permission-mapper.mapper"],
        "WFLYCTL0180: Services with missing/unavailable dependencies" => undefined
    },
    "rolled-back" => true
}

Suggestion for improvement:

use only description of failure, e.g. something like "module a.b.c. does not exist"
do not use any unneeded information - e.g. "WFLYCTL0180: Services with missing/unavailable dependencies" => undefined

clones

JBEAP-6886 Complicated failure-descriptions in Elytron simple-permission-mapper

Closed

relates to

WFCORE-2375 Definition Credential Store with existing storage file but with wrong store password causes ugly failure-description.

Resolved

WFCORE-2389 Definition Credential Store with non-existent storage file causes ugly failure-description with Exception.

Resolved

WFCORE-2450 Definition Credential Store with existing storage file but with wrong key password causes ugly failure-description.

Resolved

Assignee:: Unassigned

Reporter:: Ondrej Lukas (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Created:: 2016/11/04 4:45 AM

Updated:: 2020/09/17 1:17 PM

Resolved:: 2020/09/17 1:17 PM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates