Bug 1024930

Summary:	Security realms incorrectly shown as valid domain level resource types.
Product:	[JBoss] JBoss Enterprise Application Platform 6	Reporter:	Darran Lofthouse <darran.lofthouse>
Component:	Domain Management	Assignee:	Darran Lofthouse <darran.lofthouse>
Status:	CLOSED CURRENTRELEASE	QA Contact:	Petr Kremensky <pkremens>
Severity:	unspecified	Docs Contact:	Russell Dickenson <rdickens>
Priority:	unspecified
Version:	6.2.0	CC:	brian.stansberry, emuckenh, myarboro
Target Milestone:	CR1	Keywords:	Reopened
Target Release:	EAP 6.2.0
Hardware:	Unspecified
OS:	Unspecified
Whiteboard:
Fixed In Version:		Doc Type:	Bug Fix
Doc Text:		Story Points:	---
Clone Of:		Environment:
Last Closed:	2013-12-15 16:19:48 UTC	Type:	Bug
Regression:	---	Mount Type:	---
Documentation:	---	CRM:
Verified Versions:		Category:	---
oVirt Team:	---	RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---	Target Upstream Version:
Embargoed:

Description Darran Lofthouse 2013-10-30 15:26:03 UTC

Description of problem:

The realms are not readable, this is despite the access control provider being Simple: -

[domain@localhost:9999 /] :whoami(verbose=true)
{
    "outcome" => "success",
    "result" => {
        "identity" => {
            "username" => "$local",
            "realm" => "ManagementRealm"
        },
        "mapped-roles" => ["SuperUser"]
    }
}
[domain@localhost:9999 /] ./core-service=management/security-realm=ManagementRealm:read-resource
{
    "outcome" => "failed",
    "failure-description" => "JBAS014807: Management resource '[
    (\"core-service\" => \"management\"),
    (\"security-realm\" => \"ManagementRealm\")
]' not found",
    "rolled-back" => true
}

Comment 1 JBoss JIRA Server 2013-10-30 15:32:42 UTC

Darran Lofthouse <darran.lofthouse> updated the status of jira WFLY-2412 to Coding In Progress

Comment 2 Brian Stansberry 2013-10-30 15:49:14 UTC

There are no domain level security realm resources. You need to prefix that address with /host=<name of a host>.

Comment 3 Darran Lofthouse 2013-10-30 16:03:03 UTC

In that case probably a bad resource definition exposing those resources at domain level.

Comment 4 Brian Stansberry 2013-10-30 16:18:26 UTC

Good catch Darran. I'm re-opening with a changed title. The fix is to remove those from the metadata.

Comment 5 Darran Lofthouse 2013-10-30 16:24:40 UTC

Yes is it a one line fix (two if you count the closing bracket of the if statement) ;-)

Pull requests coming shortly.

Comment 7 Petr Kremensky 2013-11-11 11:45:51 UTC

This issue was verified using the 6.2.0.CR1 preview bits.