Red Hat Bugzilla – Bug 1012596
RBAC: Unable to cancel "Run as" restrictions in domain
Last modified: 2013-12-15 11:20:52 EST
After restricting your permission with "Run as" in domain, the tool becomes unavailable due to auth error.
How to reproduce
1) log in as superuser
2) use "Run as" to restrict your permissions to monitor
3) try to revert 2)
Can you elaborate on this: "the tool becomes unavailable due to auth error. " ?
When trying to open "Run as" window after it was used previously, the attempt will end up with "Unknown error - Authentication required"
Harald Pehl <firstname.lastname@example.org> updated the status of jira HAL-222 to Resolved
Harald Pehl <email@example.com> made a comment on jira HAL-222
Clear RUN_AS cookie in bootstrap
Moving back to ASSIGNED (https://docspace.corp.redhat.com/docs/DOC-154626).
There's no PR to eap 6.x github repo https://github.com/jbossas/jboss-eap/
The umbrella issue #1014047 is available now.
Still not fixed in ER5.
EAP 6.2.0.ER6 uses release-stream-2.0.3.Final-redhat-1-resources.jar which does contains the bug as described above.
However this is fixed in release-stream >=2.0.4.Final. Using ER7 must not show the bug as this version uses HAL release stream 2.0.5.Final.
You can test this now by replacing the console in ER6:
1. Get the latest HAL release stream "release-stream-2.0.5.Final-resources.jar" from https://repository.jboss.org/nexus/index.html#nexus-search;quick~release-stream
2. Overwrite the console in ER6:
cp release-stream-2.0.5.Final-resources.jar <ER6_HOME>/modules/system/layers/base/org/jboss/as/console/eap/release-stream-2.0.3.Final-redhat-1-resources.jar
3. Restart ER6 and reload the console.
Moving to MODIFIED since the 2.0.5.Final console is in the EAP branch.
The main issue of this BZ was resolved -- verified 6.2.0.ER7.
However I've talked to Harald and discovered that the only reliable way to clear ROLE headers is logout, thus see BZ1026823