Uploaded image for project: 'WildFly'
  1. WildFly
  2. WFLY-490

Domain Management Role Based Access Control

    Details

      Description

      Implement some coarse permissions for domain operations. Possibly allowing a break down for subsystem, profile, server, server-group - maybe read - write - execute.
      Also consider confidentiality in exchange e.g. Can read metrics over http but must use https to add new server.

        Gliffy Diagrams

          Attachments

            Issue Links

            1.
            Ensure platform-mbean misc write ops require write perms Sub-task Closed Tomaž Cerar 8.0.0.Beta1 Management
            2.
            RBAC: OperationContextImpl.readResourceForUpdate is missing an authorize call Sub-task Closed Brian Stansberry 8.0.0.Alpha4 Management
            3.
            RBAC: role combination doesn't work Sub-task Closed Ladislav Thon 8.0.0.Final Management
            4.
            Allow ModelControllerClient configurations to disable the JBOSS_LOCAL_USER SASL mechanism Sub-task Closed Brian Stansberry 8.0.0.Alpha4 Management
            5.
            Prevent non-core use of ApplicationTypeConfig.DEPLOYMENT Sub-task Closed Brian Stansberry 8.0.0.Beta1 Management
            6.
            Report data about what resources/attributes/ops a SensitivityClassification or ApplicationTypeConfig are applied to Sub-task Closed Brian Stansberry 8.0.0.Beta1 Management
            7.
            RBAC: HostScopedRole* operations are wrong (copy&paste from ServerGroupScopedRole*) Sub-task Closed Ladislav Thon 8.0.0.Final Management
            8.
            Invoking :read-resource operation on Security subsystem as a role with restricted privileges causes NPE Sub-task Closed Brian Stansberry 8.0.0.Alpha4 Management, Security
            9.
            deep-copy-subject-mode attribute on Security Subsystem is Readable to all roles Sub-task Closed Kabir Khan 8.0.0.Beta1 Management, Security
            10.
            Add RBAC sensitivity classification constraints to undertow subsystem Sub-task Closed Tomaž Cerar 8.0.0.CR1 Management, Web (Undertow)
            11.
            Authorisation descision filtered vs. read-only Sub-task Closed Kabir Khan 8.0.0.Alpha4 Management
            12.
            More useful access control failure messages Sub-task Closed Brian Stansberry   Management
            13.
            Propagation of access control configuration to slave host controllers Sub-task Closed Brian Stansberry 8.0.0.Beta1 Management
            14.
            Access control constraints for the audit logging resources Sub-task Closed Kabir Khan 8.0.0.Beta1 Management
            15.
            Test rbac for jmx in the testsuite Sub-task Closed Ladislav Thon 8.0.0.Beta1 Management
            16.
            Access through unsecured management interface Sub-task Closed Darran Lofthouse 8.0.0.Beta1 Management, Security
            17.
            Ensure RBAC metadata changes result in management API bump Sub-task Closed Brian Stansberry 8.0.0.Beta1 Management
            18.
            Forward port core management xsd schema 1.5 from EAP Sub-task Closed Brian Stansberry 8.0.0.CR1 Management
            19.
            Add Run-As Capability to ConfigurableRoleMapper Sub-task Closed Darran Lofthouse 8.0.0.Beta1 Management
            20.
            Failed to read hosts Sub-task Closed Emanuel Muckenhuber 8.0.0.CR1 Management
            21.
            Add configuration attribute for PERMISSIVE vs REJECTING role combinations Sub-task Closed Brian Stansberry 8.0.0.Beta1 Management
            22.
            MBeans for unaddressable resources available through JMX Sub-task Closed Kabir Khan 8.0.0.Beta1 Management, Security
            23.
            read-attribute operation is leaking value when user is not authorized to read that attribute Sub-task Closed Ladislav Thon 8.0.0.Beta1 Management, Security
            24.
            Review exceptions thrown for authorization cases in JMX Sub-task Closed Kabir Khan 8.0.0.Beta1 Management, Security
            25.
            No enum AccessAuthorizationResourceDefinition.Provider.UNDEFINED Sub-task Closed Brian Stansberry 8.0.0.Beta1 Management
            26.
            RBAC: read-resource-description is wrong about the ability to :add in the datasources subsystem Sub-task Closed Brian Stansberry 8.0.0.Beta1 Management
            27.
            Scoped roles base on SuperUser should not be allowed Sub-task Closed Unassigned 8.0.0.CR1 Management, Security
            28.
            Remove configurability of VaultExpressionSensitivityConfig addressability Sub-task Closed Kabir Khan 8.0.0.Beta1 Management
            29.
            Include hosts in allowed resources for server group scoped roles Sub-task Closed Brian Stansberry 8.0.0.Beta1 Management
            30.
            access-type attribute description and access-control section Sub-task Closed Kabir Khan 8.0.0.Beta1 Management
            31.
            RBAC + JMX: auditor can't read sensitive non-core MBeans Sub-task Closed Kabir Khan 8.0.0.Beta1 JMX, Management
            32.
            Login as user with no role assigned leads to 500 error page Sub-task Closed Heiko Braun 8.0.0.Beta1 Management
            33.
            RBAC config for slave HCs unable to access master HC Sub-task Closed Brian Stansberry 8.0.0.Beta1 Management
            34.
            Rework Subject propagation to avoid marshaling. Sub-task Closed Darran Lofthouse 8.0.0.CR1 Management, Security
            35.
            Ensure there is proper trace level logging for all RBAC decisions Sub-task Closed Brian Stansberry 8.0.0.CR1 Management
            36.
            Revisit priviledges for /core-service=management/access=authorization Sub-task Closed Brian Stansberry 8.0.0.Beta1 Management
            37.
            Remove support for use-realm-roles in role mapping implementation, Sub-task Closed Darran Lofthouse 8.0.0.Beta1 Management, Security
            38.
            Upgrade to Remoting JMX 2.0.0.CR2 Sub-task Closed Darran Lofthouse 8.0.0.Beta1 JMX, Remoting
            39.
            Prevent server group scoped roles modifying the master HC if it has no servers Sub-task Closed Brian Stansberry 8.0.0.CR1 Management
            40.
            Update platform-mbean resources to allow configuration of sensitivity constraints Sub-task Closed Tomaž Cerar 8.0.0.Beta1 Management
            41.
            Administrator should be prevented from modifying super user and auditor roles. Sub-task Closed Darran Lofthouse 8.0.0.Beta1 Management, Security
            42.
            Add support for an include-all option on individual role mappings. Sub-task Closed Darran Lofthouse 8.0.0.Beta1 Management, Security
            43.
            Remove host.xml host scoped role config Sub-task Closed Kabir Khan 8.0.0.Beta1 Management
            44.
            NPE when modifying an existing server-group scoped role Sub-task Closed Brian Stansberry 8.0.0.Beta1 Management
            45.
            Error executing composite operation as server group role Sub-task Closed Brian Stansberry 8.0.0.Beta1 Management
            46.
            Add access-control parameter to read-operation-description operation Sub-task Closed Kabir Khan 8.0.0.Beta1 Management
            47.
            Failed handling operation rollback -- null Sub-task Closed Brian Stansberry 8.0.0.Beta1 Management
            48.
            Update to web console 2.0.0.Final Sub-task Closed Heiko Braun 8.0.0.Beta1 Web Console
            49.
            Test that validate-address and validate-operation do not leak non-addressable addresses Sub-task Closed Ladislav Thon 8.0.0.CR1 Management
            50.
            RBAC-based tab completion for the CLI commands Sub-task Closed Oleksiy Lubyanskyy 8.0.0.CR1 CLI
            51.
            read-operation-names to return a filtered list of allowed operations Sub-task Closed Kabir Khan 8.0.0.Beta1 Management
            52.
            ProxyStepHandler/Controller need to check access before attempting to read information Sub-task Closed Kabir Khan 8.0.0.Beta1 Management, Security
            53.
            Improve SecurityRealm service removal. Sub-task Closed Darran Lofthouse 8.0.0.Beta1 Management, Security
            54.
            Security Realm - authorization validation Sub-task Closed Darran Lofthouse 8.0.0.Beta1 Management, Security
            55.
            Defining <outbound-connections> in <management> prevents the server to start Sub-task Closed Darran Lofthouse 8.0.0.Beta1 Management
            56.
            Add transformers for RBAC resources Sub-task Closed Brian Stansberry 8.0.0.Beta1 Management
            57.
            Enforce permissions on deployment upload ops Sub-task Closed Brian Stansberry 8.0.0.Beta1 Management
            58.
            Enforce and correctly describe permissions on domain server lifecycle ops Sub-task Closed Brian Stansberry 8.0.0.Beta1 Management
            59.
            Priviledge alignment for scoped resources Sub-task Closed Brian Stansberry 8.0.0.CR1 Management
            60.
            include-all role mappings don't work in domain Sub-task Closed Darran Lofthouse 8.0.0.CR1 Management, Security
            61.
            Unable to reload server after adding role and executing :reload Sub-task Closed Darran Lofthouse 8.0.0.CR1 Management
            62.
            Add sensitivities to the subsystem 'describe' operations Sub-task Closed Brian Stansberry 8.0.0.CR1 Management
            63.
            A problem setting include-all on a role mapping is failing getting rolled back. Sub-task Closed Darran Lofthouse 8.0.0.CR1 Management
            64.
            Lack of model integrity checking regarding role mappings, standard role names and scoped role names. Sub-task Closed Darran Lofthouse 8.0.0.CR1  
            65.
            Expose the list of standard role names and of all role names Sub-task Closed Brian Stansberry 8.0.0.CR1 Management, Security
            66.
            Deployer can't modify data source when datasources set as application resources Sub-task Closed Brian Stansberry 8.0.0.CR1 Management
            67.
            SGSR permission are wrong on server-config Sub-task Closed Brian Stansberry 8.0.0.CR1 Management
            68.
            Allow access-control "write" metadata to say "true" for read-only attributes Sub-task Closed Brian Stansberry 8.0.0.CR1 Management
            69.
            Trying to remove a server group as a server-group-scoped role leaks information Sub-task Closed Brian Stansberry 8.0.0.CR1 Management
            70.
            Populate the Subject with the required prinicpals for rbac/audit logging earlier Sub-task Closed Darran Lofthouse 8.0.0.CR1 Security
            71.
            Eliminate additional round trip exchange of Subject from host controller to app server or slave host controllers. Sub-task Closed Darran Lofthouse 8.0.0.CR1 Management
            72.
            AccessControlContext and management users Subject leaking into thread pool of host controller executor. Sub-task Closed Darran Lofthouse 8.0.0.CR1 Management, Security
            73.
            Security Realm and LDAP Connection incorrectly available as resourced under core-services=management in domain mode. Sub-task Closed Darran Lofthouse 8.0.0.CR1 Management, Security
            74.
            Missing filtering response header from type=*:read-resource Sub-task Closed Brian Stansberry 8.0.0.CR1 Management
            75.
            OperationContext.readResourceFromRoot throws UnauthorizedException even when the user doesn't have 'address' perms Sub-task Closed Brian Stansberry 8.0.0.CR1 Management

              Activity

                People

                • Assignee:
                  dlofthouse Darran Lofthouse
                  Reporter:
                  dlofthouse Darran Lofthouse
                • Votes:
                  9 Vote for this issue
                  Watchers:
                  16 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: