
Domain Management Role Based Access Control


Implement some coarse permissions for domain operations, possibly allowing a breakdown by subsystem, profile, server and server-group, and maybe by read, write and execute.
Also consider confidentiality of the exchange, e.g. metrics can be read over HTTP but HTTPS must be used to add a new server.

Sub-tasks (all of type Sub-task with status Closed; priority and assignee in brackets):

1. Ensure platform-mbean misc write ops require write perms [Major, Tomaž Cerar (Inactive)]
2. RBAC: OperationContextImpl.readResourceForUpdate is missing an authorize call [Major, Brian Stansberry]
3. RBAC: role combination doesn't work [Major, Ladislav Thon]
4. Allow ModelControllerClient configurations to disable the JBOSS_LOCAL_USER SASL mechanism [Major, Brian Stansberry]
5. Prevent non-core use of ApplicationTypeConfig.DEPLOYMENT [Minor, Brian Stansberry]
6. Report data about what resources/attributes/ops a SensitivityClassification or ApplicationTypeConfig are applied to [Minor, Brian Stansberry]
7. RBAC: HostScopedRole* operations are wrong (copy & paste from ServerGroupScopedRole*) [Major, Ladislav Thon]
8. Invoking :read-resource operation on Security subsystem as a role with restricted privileges causes NPE [Major, Brian Stansberry]
9. deep-copy-subject-mode attribute on Security subsystem is readable to all roles [Major, Kabir Khan]
10. Add RBAC sensitivity classification constraints to undertow subsystem [Blocker, Tomaž Cerar (Inactive)]
11. Authorisation decision: filtered vs. read-only [Major, Kabir Khan]
12. More useful access control failure messages [Major, Brian Stansberry]
13. Propagation of access control configuration to slave host controllers [Major, Brian Stansberry]
14. Access control constraints for the audit logging resources [Major, Kabir Khan]
15. Test RBAC for JMX in the testsuite [Major, Ladislav Thon]
16. Access through unsecured management interface [Major, Darran Lofthouse]
17. Ensure RBAC metadata changes result in management API bump [Major, Brian Stansberry]
18. Forward port core management xsd schema 1.5 from EAP [Major, Brian Stansberry]
19. Add Run-As capability to ConfigurableRoleMapper [Major, Darran Lofthouse]
20. Failed to read hosts [Major, Emanuel Muckenhuber (Inactive)]
21. Add configuration attribute for PERMISSIVE vs REJECTING role combinations [Major, Brian Stansberry]
22. MBeans for unaddressable resources available through JMX [Major, Kabir Khan]
23. read-attribute operation is leaking value when user is not authorized to read that attribute [Critical, Ladislav Thon]
24. Review exceptions thrown for authorization cases in JMX [Major, Kabir Khan]
25. No enum AccessAuthorizationResourceDefinition.Provider.UNDEFINED [Major, Brian Stansberry]
26. RBAC: read-resource-description is wrong about the ability to :add in the datasources subsystem [Major, Brian Stansberry]
27. Scoped roles based on SuperUser should not be allowed [Major, Unassigned]
28. Remove configurability of VaultExpressionSensitivityConfig addressability [Major, Kabir Khan]
29. Include hosts in allowed resources for server group scoped roles [Major, Brian Stansberry]
30. access-type attribute description and access-control section [Major, Kabir Khan]
31. RBAC + JMX: auditor can't read sensitive non-core MBeans [Major, Kabir Khan]
32. Login as user with no role assigned leads to 500 error page [Major, Heiko Braun]
33. RBAC config for slave HCs unable to access master HC [Major, Brian Stansberry]
34. Rework Subject propagation to avoid marshaling [Major, Darran Lofthouse]
35. Ensure there is proper trace level logging for all RBAC decisions [Major, Brian Stansberry]
36. Revisit privileges for /core-service=management/access=authorization [Major, Brian Stansberry]
37. Remove support for use-realm-roles in role mapping implementation [Critical, Darran Lofthouse]
38. Upgrade to Remoting JMX 2.0.0.CR2 [Critical, Darran Lofthouse]
39. Prevent server group scoped roles modifying the master HC if it has no servers [Major, Brian Stansberry]
40. Update platform-mbean resources to allow configuration of sensitivity constraints [Major, Tomaž Cerar (Inactive)]
41. Administrator should be prevented from modifying super user and auditor roles [Critical, Darran Lofthouse]
42. Add support for an include-all option on individual role mappings [Major, Darran Lofthouse]
43. Remove host.xml host scoped role config [Major, Kabir Khan]
44. NPE when modifying an existing server-group scoped role [Major, Brian Stansberry]
45. Error executing composite operation as server group role [Major, Brian Stansberry]
46. Add access-control parameter to read-operation-description operation [Major, Kabir Khan]
47. Failed handling operation rollback -- null [Major, Brian Stansberry]
48. Update to web console 2.0.0.Final [Blocker, Heiko Braun]
49. Test that validate-address and validate-operation do not leak non-addressable addresses [Major, Ladislav Thon]
50. RBAC-based tab completion for the CLI commands [Major, Alexey Loubyansky]
51. read-operation-names to return a filtered list of allowed operations [Major, Kabir Khan]
52. ProxyStepHandler/Controller need to check access before attempting to read information [Major, Kabir Khan]
53. Improve SecurityRealm service removal [Major, Darran Lofthouse]
54. Security Realm - authorization validation [Major, Darran Lofthouse]
55. Defining <outbound-connections> in <management> prevents the server from starting [Blocker, Darran Lofthouse]
56. Add transformers for RBAC resources [Major, Brian Stansberry]
57. Enforce permissions on deployment upload ops [Major, Brian Stansberry]
58. Enforce and correctly describe permissions on domain server lifecycle ops [Major, Brian Stansberry]
59. Privilege alignment for scoped resources [Major, Brian Stansberry]
60. include-all role mappings don't work in domain [Major, Darran Lofthouse]
61. Unable to reload server after adding role and executing :reload [Critical, Darran Lofthouse]
62. Add sensitivities to the subsystem 'describe' operations [Major, Brian Stansberry]
63. A problem setting include-all on a role mapping is failing to get rolled back [Major, Darran Lofthouse]
64. Lack of model integrity checking regarding role mappings, standard role names and scoped role names [Major, Darran Lofthouse]
65. Expose the list of standard role names and of all role names [Major, Brian Stansberry]
66. Deployer can't modify data source when datasources are set as application resources [Major, Brian Stansberry]
67. SGSR permissions are wrong on server-config [Major, Brian Stansberry]
68. Allow access-control "write" metadata to say "true" for read-only attributes [Major, Brian Stansberry]
69. Trying to remove a server group as a server-group-scoped role leaks information [Major, Brian Stansberry]
70. Populate the Subject with the required principals for rbac/audit logging earlier [Major, Darran Lofthouse]
71. Eliminate additional round trip exchange of Subject from host controller to app server or slave host controllers [Major, Darran Lofthouse]
72. AccessControlContext and management user's Subject leaking into thread pool of host controller executor [Blocker, Darran Lofthouse]
73. Security Realm and LDAP Connection incorrectly available as resources under core-services=management in domain mode [Major, Darran Lofthouse]
74. Missing filtering response header from type=*:read-resource [Major, Brian Stansberry]
75. OperationContext.readResourceFromRoot throws UnauthorizedException even when the user doesn't have 'address' perms [Major, Brian Stansberry]

darran.lofthouse@redhat.com Darran Lofthouse
Votes: 9
Watchers: 16
