Uploaded image for project: 'WildFly'
  1. WildFly
  2. WFLY-490 Domain Management Role Based Access Control
  3. WFLY-2216

include-all role mappings don't work in domain


      If I understand correctly, roles that have include-all=true in their role mappings should be added to all authenticated users. In my tests, though, this only works in standalone mode.

      In domain mode, if I set a role mapping to include-all, this setting is not reflected (at least not immediately; maybe it would work after restart, but that's wrong anyway). It doesn't matter which role is set to be include-all – in my tests, I use both standard roles and scoped roles and it consistently doesn't work. There's probably some wrong caching going on.

      The failing test case is in my pull request https://github.com/wildfly/wildfly/pull/5166 (it's the RBAC tests for include-all role mappings in domain commit). If it's more convenient, the pull request is the same as my rbac branch (https://github.com/Ladicek/wildfly/commits/rbac).

      Darran, I'm not sure if you are the right assignee – please reassign if needed. Thanks.

            darran.lofthouse@redhat.com Darran Lofthouse
            lthon@redhat.com Ladislav Thon
            0 Vote for this issue
            4 Start watching this issue