Bug 1024842 - Update LDAP authentication to secure also native-interface
Update LDAP authentication to secure also native-interface
Status: CLOSED CURRENTRELEASE
Product: JBoss Enterprise Application Platform 6
Classification: JBoss
Component: Installer (Show other bugs)
6.2.0
Unspecified Unspecified
unspecified Severity medium
: ER7
: EAP 6.2.0
Assigned To: Thomas Hauser
Petr Kremensky
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2013-10-30 09:50 EDT by Petr Kremensky
Modified: 2017-10-09 20:19 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2013-12-15 11:55:41 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Petr Kremensky 2013-10-30 09:50:45 EDT
Description of problem:
 Since BZ1006540 user is able to configure LDAP authentication via installer, but only http-interface is secured by new LDAP security realm, we should secure also native-interface.

Version-Release number of selected component (if applicable):
 EAP 6.2.0.ER6

How reproducible:
 Always

Steps to Reproduce:
 1. Run GUI installer.
 2. Select to Enable LDAP authentication on Post-Install Configuration
 3. Finish the installation

Actual results:
 Only http-interface is secured


Expected results:
 Both management-interfaces should be secured by newly created LDAP security realm.

Additional info:
Adding following command to batch should do the work (only standalone):
/core-service=management/management-interface=native-interface:write-attribute(name=security-realm, value="ldap_security_realm")
Comment 1 Francisco Canas 2013-11-01 13:17:04 EDT
The fix for this was in the ER7 build, but the issue slipped under the radar and we didn't mark is as MODIFIED beforehand. 

LDAP is now applied to both http and native management interfaces for each of the server configs.

See:
http://git.app.eng.bos.redhat.com/jbossas-installer.git/commit/?h=eap-6.2&id=beb538d8c84da7bc8c93bd35535e02f58eb6f07d
Comment 2 Petr Kremensky 2013-11-04 02:54:25 EST
Verified on EAP 6.2.0.ER7 installer. 

host-slave.xml and host-master.xml config files still use ManagementRealm for securing the management interfaces, but I believe this is covered by BZ1025340.

Note You need to log in before you can comment on or make changes to this bug.