Details
-
Bug
-
Resolution: Obsolete
-
Major
-
None
-
11.0.0.Final
-
None
-
It cannot be reproduced in newer versions, resolving as outdated.
Description
Summary
A minimal example webapp using Soteria and DeltaSpike Security works as expected when first deployed to WildFly.
After issuing a reload command via jboss-cli.sh, the application no longer works, since no groups are associated to the caller principal.
The problem no longer occurs after a server shutdown and restart.
Details
# Start server $ ${JBOSS_HOME}/bin/standalone.sh # Build and deploy demo $ git clone https://github.com/hwellmann/security-demo.git $ cd security-demo $ mvn deploy # Request protected resource $ curl -u operator:secret http://localhost:8080/api/version {"version":1} # Reload server $ ${JBOSS_HOME}/bin/jboss-cli.sh -c --command=:reload # Issue same request, access denied $ curl -u operator:secret http://localhost:8080/api/version {"message":"requested access to the resource is denied"}