Uploaded image for project: 'WildFly'
  1. WildFly
  2. WFLY-490 Domain Management Role Based Access Control
  3. WFLY-2026

Include hosts in allowed resources for server group scoped roles


    • Icon: Sub-task Sub-task
    • Resolution: Done
    • Icon: Major Major
    • 8.0.0.Beta1
    • None
    • Management
    • None

      Treats host in a manner equivalent to profiles and socket binding groups for RBAC server group scoped roles. Difference is the mapping comes from the /host =/server-config= resources' "group" attributes instead of from /server-group=* resources' profile and socket-binding-group resources.

      If all servers on a given host are members of server groups accessible to a server group scoped role, then all resources on that host are accessible. If no server-config is defined on a given host, then it is accessible to all server group scoped roles.

            bstansbe@redhat.com Brian Stansberry
            bstansbe@redhat.com Brian Stansberry
            0 Vote for this issue
            2 Start watching this issue