Bug 779746 (SOA-2108)

Summary: "user" role instead of JBossAdmin in jbossws-management's web.xml
Product: [JBoss] JBoss Enterprise SOA Platform 5 Reporter: Aleksandar Kostadinov <akostadinov>
Component: JBossWS, ConfigurationAssignee: Julian Coleman <jcoleman>
Status: CLOSED NEXTRELEASE QA Contact:
Severity: high Docs Contact:
Priority: high    
Version: 5.0.2   
Target Milestone: ---   
Target Release: 5.0.2   
Hardware: Unspecified   
OS: Unspecified   
URL: http://jira.jboss.org/jira/browse/SOA-2108
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
all
Last Closed: 2010-06-22 17:32:58 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Attachments:
Description Flags
501_web.xml
none
502_web.xml
none
CR1
none
CR2 none

Description Aleksandar Kostadinov 2010-06-02 18:44:17 UTC 
Date of First Response: 2010-06-02 21:17:07
project_key: SOA

EAP 5.0.1:
<role-name>JBossAdmin</role-name>

SOA-P 5.0.2 CR1:
<role-name>user</role-name>

Just FYI the xml formating of web.xml and jboss-web.xml ins SOA-P looks quite ugly.
Comment 1 Len DiMaggio 2010-06-03 01:17:07 UTC 
Attached the 5.0.1 and 5.0.2 CR1 files - what happened to the file?
Comment 2 Len DiMaggio 2010-06-03 01:17:07 UTC 
Attachment: Added: 501_web.xml
Attachment: Added: 502_web.xml
Comment 3 Julian Coleman 2010-06-07 15:09:55 UTC 
The change is a side-affect of the changes for SOA-1867 - the consoles which
have the SOA forms-based authentication contain <role-name>user</role-name>
in their web.xml.
 
We now have the situation where some consoles use:
  <role-name>JBossAdmin</role-name>
and some use:
  <role-name>user</role-name>
.  Also, soa-roles.properties contains:
  admin=JBossAdmin,HttpInvoker,user,admin
, so we have the multiple roles there too.
Comment 4 John Graham 2010-06-08 18:09:25 UTC 
Based on Program discussions, this will break backward compatibility, and hence cannot be done for SOA 5.x.
Comment 5 Aleksandar Kostadinov 2010-06-08 19:48:02 UTC 
Reopening because in SOA-P 5.0.0 and 5.0.1 there is 

     <auth-constraint>
       <role-name>JBossAdmin</role-name>
     </auth-constraint>

And also authentication is BASIC. How is backwards compatibility maintained by changing from what we had in 5.0.0 and 5.0.1?

Excuse me if you are aware of these facts and still considered the changes to be correct. In which case feel free to close the issue again.
Comment 6 Julian Coleman 2010-06-09 10:33:56 UTC 
Fixed with revision 5855 of:
  build-tools/resource/soa-auth/add_security_constrain_ws.xsl

Commit message:
  SOA-2108
  Use `JBossAdmin' instead of `user' as the default role name.
Comment 7 Len DiMaggio 2010-06-22 17:29:25 UTC 
Evidence of issue resolution in CR2 build - see attached files
Comment 8 Len DiMaggio 2010-06-22 17:29:25 UTC 
Attachment: Added: CR1
Attachment: Added: CR2
Comment 9 Len DiMaggio 2010-06-22 17:32:58 UTC 
Verified in CR2 build
Comment 10 Aleksandar Kostadinov 2010-06-22 18:11:18 UTC 
Thanks Len! I also confirmed CR2 is ok but forgot about closing the JIRA.