Bug 1024842

Summary: Update LDAP authentication to secure also native-interface
Product: [JBoss] JBoss Enterprise Application Platform 6 Reporter: Petr Kremensky <pkremens>
Component: InstallerAssignee: Thomas Hauser <thauser>
Status: CLOSED CURRENTRELEASE QA Contact: Petr Kremensky <pkremens>
Severity: medium Docs Contact:
Priority: unspecified    
Version: 6.2.0CC: fcanas
Target Milestone: ER7   
Target Release: EAP 6.2.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2013-12-15 16:55:41 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Petr Kremensky 2013-10-30 13:50:45 UTC 
Description of problem:
 Since BZ1006540 user is able to configure LDAP authentication via installer, but only http-interface is secured by new LDAP security realm, we should secure also native-interface.

Version-Release number of selected component (if applicable):
 EAP 6.2.0.ER6

How reproducible:
 Always

Steps to Reproduce:
 1. Run GUI installer.
 2. Select to Enable LDAP authentication on Post-Install Configuration
 3. Finish the installation

Actual results:
 Only http-interface is secured


Expected results:
 Both management-interfaces should be secured by newly created LDAP security realm.

Additional info:
Adding following command to batch should do the work (only standalone):
/core-service=management/management-interface=native-interface:write-attribute(name=security-realm, value="ldap_security_realm")
Comment 1 Francisco Canas 2013-11-01 17:17:04 UTC 
The fix for this was in the ER7 build, but the issue slipped under the radar and we didn't mark is as MODIFIED beforehand. 

LDAP is now applied to both http and native management interfaces for each of the server configs.

See:
http://git.app.eng.bos.redhat.com/jbossas-installer.git/commit/?h=eap-6.2&id=beb538d8c84da7bc8c93bd35535e02f58eb6f07d
Comment 2 Petr Kremensky 2013-11-04 07:54:25 UTC 
Verified on EAP 6.2.0.ER7 installer. 

host-slave.xml and host-master.xml config files still use ManagementRealm for securing the management interfaces, but I believe this is covered by BZ1025340.