Uploaded image for project: 'WildFly'
  1. WildFly
  2. WFLY-2005

Host scoped role adding JVM config

    Details

      Description

      Although the operation permissions for add() are given, a host scoped fails to create a new JVM on a specific the role is scoped to:

      [domain@localhost:9990 /] /core-service=management/access=authorization/host-scoped-role=stage_hosts:read-resource
      {
          "outcome" => "success",
          "result" => {
              "base-role" => "maintainer",
              "hosts" => ["slave"]
          }
      }
      
      
      [domain@localhost:9990 /] /host=slave/jvm=small:add(){roles=STAGE_HOSTS}
      {
          "outcome" => "failed",
          "result" => undefined,
          "failure-description" => {"host-failure-descriptions" => [("slave" => "JBAS013456: Unauthorized to execute operation 'add' for resource '[
          (\"host\" => \"slave\"),
          (\"jvm\" => \"small\")
      ]' -- \"Permission denied\"")]},
          "rolled-back" => true
      }
      

        Gliffy Diagrams

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  brian.stansberry Brian Stansberry
                  Reporter:
                  heiko.braun Heiko Braun
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  3 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: