Uploaded image for project: 'WildFly'
  1. WildFly
  2. WFLY-490 Domain Management Role Based Access Control
  3. WFLY-1844

deep-copy-subject-mode attribute on Security Subsystem is Readable to all roles

    XMLWordPrintable

Details

    Description

      According to this spreadsheet [1] deep-copy-subject-mode attribute should be available only to Administrator role, instead it is Readable for everyone 

      [standalone@localhost:9990 /] :whoami(verbose=true)
{
    "outcome" => "success",
    "result" => {
        "identity" => {
            "username" => "monitor",
            "realm" => "ManagementRealm"
        },
        "roles" => ["Monitor"]
    }
}
[standalone@localhost:9990 /] /subsystem=security:read-attribute(name=deep-copy-subject-mode)
{
    "outcome" => "success",
    "result" => false
}

      [1] https://docs.google.com/spreadsheet/ccc?key=0Au0knNJrYUJhdFlSSEVpdGJpQnlDOURXYTRYajhaZWc#gid=1

      Attachments

        Activity

          People

            kkhan1@redhat.com Kabir Khan
            jcechace@redhat.com Jakub Čecháček
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: