Bug 1046543

Summary: Denied to access admin web console of EAP6 after removing server-groups
Product: [JBoss] JBoss Enterprise Application Platform 6 Reporter: Hisanobu Okuda <hokuda>
Component: Web ConsoleAssignee: Harald Pehl <hpehl>
Status: CLOSED EOL QA Contact: Pavel Jelinek <pjelinek>
Severity: high Docs Contact:
Priority: unspecified    
Version: 6.2.0CC: bmaxwell, brian.stansberry, hbraun, hpehl, jkudrnac, jlee, kkhan, pkremens
Target Milestone: DR1   
Target Release: EAP 6.4.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2019-08-19 12:49:34 UTC Type: Enhancement
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1066151    
Bug Blocks:    

Description Hisanobu Okuda 2013-12-26 03:23:20 UTC 
Description of problem:
If all of server-groups in domain.xml removed, accessing http://localhost:9990/console. It shows a dialog which has the message of "Access Denied / Insufficient privileges to access this interface."

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1. add admin user by add-user.sh
2. start EAP6 in domain mode
3. remove all of server-groups
[hokuda@localhost eap620]$ /opt/eap620/bin/jboss-cli.sh -c 
[domain@localhost:9999 /] /server-group=main-server-group:remove()
[domain@localhost:9999 /] /server-group=other-server-group:remove()
4. access http://localhost:9990/console
5. a dialog of "Insufficient privileges to access this interface." appears

Actual results:


Expected results:


Additional info:
Comment 1 JBoss JIRA Server 2014-01-21 20:50:00 UTC 
Harald Pehl <hpehl> updated the status of jira HAL-336 to Resolved
Comment 2 Jakub Cechacek 2014-02-26 11:34:00 UTC 
Information message is now given when accessing admin console. However

1) I don't really think that this is a valid solution of this issue. It feel more as a workaround. This is probably OK for the purpose of 6.3 as a proper solution might require higher effort - however an agreement with this workaround from PM is needed.

2) See BZ 1070181

3) Trying navigate to Domain from Administration will result in URL token being changed to #hosts (this should not happen)
Comment 3 Harald Pehl 2014-02-26 11:57:13 UTC 
I agree that we can discuss other solution for this. Regarding the implementation in the console this will need some time though. 

For the time being I think we should keep this solution.
Comment 4 Harald Pehl 2014-04-04 12:11:59 UTC 
I don't see a realistic chance of having anything else than this workaround for 6.3. Therefore I suggest to postpone to 6.4
Comment 5 Jakub Cechacek 2014-07-16 11:46:56 UTC 
Moving to 6.4 as the issue is still valid for 6.3