Bulk Operation

WFLY-490 OperationContext.readResourceFromRoot throws UnauthorizedException even when the user doesn't have 'address' perms

WFLY-490 Missing filtering response header from type=*:read-resource

WFLY-490 Security Realm and LDAP Connection incorrectly available as resourced under core-services=management in domain mode.

WFLY-490 AccessControlContext and management users Subject leaking into thread pool of host controller executor.

WFLY-490 Eliminate additional round trip exchange of Subject from host controller to app server or slave host controllers.

WFLY-490 Trying to remove a server group as a server-group-scoped role leaks information

WFLY-490 Allow access-control "write" metadata to say "true" for read-only attributes

WFLY-490 SGSR permission are wrong on server-config

WFLY-490 Deployer can't modify data source when datasources set as application resources

WFLY-490 Expose the list of standard role names and of all role names

WFLY-490 A problem setting include-all on a role mapping is failing getting rolled back.

WFLY-490 Lack of model integrity checking regarding role mappings, standard role names and scoped role names.

WFLY-490 Add sensitivities to the subsystem 'describe' operations

WFLY-490 Unable to reload server after adding role and executing :reload

WFLY-490 include-all role mappings don't work in domain

WFLY-490 Priviledge alignment for scoped resources

WFLY-490 Enforce and correctly describe permissions on domain server lifecycle ops

WFLY-490 Enforce permissions on deployment upload ops

WFLY-490 Add transformers for RBAC resources

WFLY-490 Defining <outbound-connections> in <management> prevents the server to start

WFLY-490 Security Realm - authorization validation

WFLY-490 Improve SecurityRealm service removal.

WFLY-490 ProxyStepHandler/Controller need to check access before attempting to read information

WFLY-490 read-operation-names to return a filtered list of allowed operations

WFLY-490 RBAC-based tab completion for the CLI commands

WFLY-490 Test that validate-address and validate-operation do not leak non-addressable addresses

WFLY-490 NPE when modifying an existing server-group scoped role

WFLY-490 Remove host.xml host scoped role config

WFLY-490 Error executing composite operation as server group role

WFLY-490 Administrator should be prevented from modifying super user and auditor roles.

WFLY-490 Update platform-mbean resources to allow configuration of sensitivity constraints

WFLY-490 Prevent server group scoped roles modifying the master HC if it has no servers

WFLY-490 Add support for an include-all option on individual role mappings.

WFLY-490 Upgrade to Remoting JMX 2.0.0.CR2

WFLY-490 Remove support for use-realm-roles in role mapping implementation,

WFLY-490 Ensure there is proper trace level logging for all RBAC decisions

WFLY-490 Rework Subject propagation to avoid marshaling.

WFLY-490 RBAC config for slave HCs unable to access master HC

WFLY-490 RBAC + JMX: auditor can't read sensitive non-core MBeans

WFLY-490 Login as user with no role assigned leads to 500 error page

WFLY-490 access-type attribute description and access-control section

WFLY-490 Include hosts in allowed resources for server group scoped roles

WFLY-490 Remove configurability of VaultExpressionSensitivityConfig addressability

WFLY-490 Scoped roles base on SuperUser should not be allowed

WFLY-490 RBAC: read-resource-description is wrong about the ability to :add in the datasources subsystem

WFLY-490 Failed handling operation rollback -- null

WFLY-490 No enum AccessAuthorizationResourceDefinition.Provider.UNDEFINED

WFLY-490 Review exceptions thrown for authorization cases in JMX

WFLY-490 read-attribute operation is leaking value when user is not authorized to read that attribute

WFLY-490 MBeans for unaddressable resources available through JMX

WFLY-490 Revisit priviledges for /core-service=management/access=authorization

WFLY-490 Add configuration attribute for PERMISSIVE vs REJECTING role combinations

WFLY-490 Failed to read hosts

WFLY-490 Add Run-As Capability to ConfigurableRoleMapper

WFLY-490 Forward port core management xsd schema 1.5 from EAP

WFLY-490 Ensure RBAC metadata changes result in management API bump

WFLY-490 Access through unsecured management interface

WFLY-490 Test rbac for jmx in the testsuite

WFLY-490 Access control constraints for the audit logging resources

WFLY-490 Propagation of access control configuration to slave host controllers

WFLY-490 More useful access control failure messages

WFLY-490 Add RBAC sensitivity classification constraints to undertow subsystem

WFLY-490 Populate the Subject with the required prinicpals for rbac/audit logging earlier

WFLY-490 deep-copy-subject-mode attribute on Security Subsystem is Readable to all roles

WFLY-490 Invoking :read-resource operation on Security subsystem as a role with restricted privileges causes NPE

WFLY-490 Authorisation descision filtered vs. read-only

WFLY-490 Update to web console 2.0.0.Final

WFLY-490 Report data about what resources/attributes/ops a SensitivityClassification or ApplicationTypeConfig are applied to

WFLY-490 Prevent non-core use of ApplicationTypeConfig.DEPLOYMENT

WFLY-490 Allow ModelControllerClient configurations to disable the JBOSS_LOCAL_USER SASL mechanism

WFLY-490 Ensure platform-mbean misc write ops require write perms

WFLY-490 RBAC: HostScopedRole* operations are wrong (copy&paste from ServerGroupScopedRole*)

WFLY-490 RBAC: OperationContextImpl.readResourceForUpdate is missing an authorize call

WFLY-490 RBAC: role combination doesn't work

WFLY-490 Add access-control parameter to read-operation-description operation