Uploaded image for project: 'WildFly'
  1. WildFly
  2. WFLY-2005

Host scoped role adding JVM config

    XMLWordPrintable

Details

    Description

      Although the operation permissions for add() are given, a host scoped fails to create a new JVM on a specific the role is scoped to:

      [domain@localhost:9990 /] /core-service=management/access=authorization/host-scoped-role=stage_hosts:read-resource
      {
          "outcome" => "success",
          "result" => {
              "base-role" => "maintainer",
              "hosts" => ["slave"]
          }
      }
      
      
      [domain@localhost:9990 /] /host=slave/jvm=small:add(){roles=STAGE_HOSTS}
      {
          "outcome" => "failed",
          "result" => undefined,
          "failure-description" => {"host-failure-descriptions" => [("slave" => "JBAS013456: Unauthorized to execute operation 'add' for resource '[
          (\"host\" => \"slave\"),
          (\"jvm\" => \"small\")
      ]' -- \"Permission denied\"")]},
          "rolled-back" => true
      }
      

      Attachments

        Issue Links

          Activity

            People

              bstansbe@redhat.com Brian Stansberry
              rhn-support-hbraun Heiko Braun
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: