Back to bug 1015524
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Brian Stansberry | 2013-10-04 17:45:54 UTC | CC | emuckenh | |
| Component | Web Console | Domain Management | ||
| Assignee | hbraun | brian.stansberry | ||
| QA Contact | jcechace | pkremens | ||
| Ladislav Thon | 2013-10-07 06:11:48 UTC | CC | lthon | |
| QA Contact | pkremens | lthon | ||
| Heiko Braun | 2013-10-14 16:49:24 UTC | CC | hbraun | |
| Heiko Braun | 2013-10-16 12:08:55 UTC | Link ID | JBoss Issue Tracker HAL-283 | |
| Lucas Costi | 2013-10-17 01:48:17 UTC | Doc Text | Cause: Consequence: Workaround (if any): Results: | |
| Doc Type | Bug Fix | Known Issue | ||
| mark yarborough | 2013-10-19 21:24:08 UTC | CC | myarboro | |
| Brian Stansberry | 2013-11-20 21:03:22 UTC | Doc Text | Cause: Consequence: Workaround (if any): Results: | Cause: If role based access control is enabled and an administrator is mapped to a server-group scoped role, that administrator is not allowed to read deployments mapped to other server groups or even to be aware of their existence. Consequence: If the administrator attempts to create a new deployment with the same name as an existing deployment, the operation will fail with the message "JBAS014807: Management resource '[(\"deployment\" => \"example.war\")]' not found". The problem is not that the deployment add fails; it should fail as an attempt is being made to add a duplicate. The problem is the user can too readily make this mistake and the failure message is confusing. Workaround (if any): Have administrators not limited to server-group scoped roles add new deployments to the domain, or maintain a separate complete listing of deployment names so all administrators can be aware of the full list of deployment names. Results: Attempts to add duplicate deployments will be avoided. |
| Dana Mison | 2013-11-27 06:51:05 UTC | CC | dmison | |
| Doc Text | Cause: If role based access control is enabled and an administrator is mapped to a server-group scoped role, that administrator is not allowed to read deployments mapped to other server groups or even to be aware of their existence. Consequence: If the administrator attempts to create a new deployment with the same name as an existing deployment, the operation will fail with the message "JBAS014807: Management resource '[(\"deployment\" => \"example.war\")]' not found". The problem is not that the deployment add fails; it should fail as an attempt is being made to add a duplicate. The problem is the user can too readily make this mistake and the failure message is confusing. Workaround (if any): Have administrators not limited to server-group scoped roles add new deployments to the domain, or maintain a separate complete listing of deployment names so all administrators can be aware of the full list of deployment names. Results: Attempts to add duplicate deployments will be avoided. | When role-based access controls are enabled, management users with server-group scoped roles might have new deployments fail with the following message: ---- "JBAS014807: Management resource '[(\"deployment\" => \"example.war\")]' not found" ---- This occurs because a deployment with the same name already exists in the domain. This is correct behaviour. However because the management user is scoped to a server group, they will be unable to see if such a deployment already exists in another server group. This makes it difficult to avoid this confusing error. To workaround this limitation, Red Hat recommends that either a single management user be responsible for adding deployments to a domain, or that a list of deployment names is maintained so that management users are aware of them. |
||
| Dana Mison | 2013-12-04 01:33:54 UTC | Doc Text | When role-based access controls are enabled, management users with server-group scoped roles might have new deployments fail with the following message: ---- "JBAS014807: Management resource '[(\"deployment\" => \"example.war\")]' not found" ---- This occurs because a deployment with the same name already exists in the domain. This is correct behaviour. However because the management user is scoped to a server group, they will be unable to see if such a deployment already exists in another server group. This makes it difficult to avoid this confusing error. To workaround this limitation, Red Hat recommends that either a single management user be responsible for adding deployments to a domain, or that a list of deployment names is maintained so that management users are aware of them. | When role-based access controls are enabled, management users with server-group scoped roles might have new deployments fail with the following message: ---- "JBAS014807: Management resource '[(\"deployment\" => \"example.war\")]' not found" ---- This occurs because a deployment with the same name already exists in the domain. This is correct behaviour. However because the management user is scoped to a server group, they will be unable to see if such a deployment already exists in another server group. This makes it difficult to avoid this confusing error. To workaround this limitation, Red Hat recommends that either non-scoped roles are assigned to the users responsible for adding deployments to a domain, or that a list of deployment names is maintained so that management users are aware of them. |
| Tom WELLS | 2014-05-15 03:24:11 UTC | CC | twells | |
| Dana Mison | 2014-05-15 03:27:32 UTC | CC | dmison | |
| Petr Kremensky | 2014-07-17 08:48:52 UTC | Target Release | --- | EAP 6.4.0 |
| CC | pkremens | |||
| Brian Stansberry | 2014-07-18 15:44:10 UTC | Type | Bug | Enhancement |
| John Skeoch | 2015-02-01 23:06:09 UTC | CC | emuckenh | dandread |
| Petr Kremensky | 2015-02-04 05:41:48 UTC | CC | msimka | |
| John Skeoch | 2015-05-18 01:31:07 UTC | CC | twells | lcarlon |
| lcarlon | 2015-05-19 10:17:47 UTC | CC | lcarlon | |
| Russell Dickenson | 2017-10-10 00:10:16 UTC | Docs Contact | rdickens | |
| Jan Kurik | 2019-08-02 07:33:36 UTC | Status | NEW | CLOSED |
| Resolution | --- | EOL | ||
| Last Closed | 2019-08-02 07:33:36 UTC |
Back to bug 1015524