Bug 1024930 - Security realms incorrectly shown as valid domain level resource types.
Security realms incorrectly shown as valid domain level resource types.
Product: JBoss Enterprise Application Platform 6
Classification: JBoss
Component: Domain Management (Show other bugs)
Unspecified Unspecified
unspecified Severity unspecified
: CR1
: EAP 6.2.0
Assigned To: Darran Lofthouse
Petr Kremensky
Russell Dickenson
: Reopened
Depends On:
  Show dependency treegraph
Reported: 2013-10-30 11:26 EDT by Darran Lofthouse
Modified: 2013-12-15 11:19 EST (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2013-12-15 11:19:48 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

External Trackers
Tracker ID Priority Status Summary Last Updated
JBoss Issue Tracker WFLY-2412 Major Resolved Security Realm and LDAP Connection incorrectly available as resourced under core-services=management in domain mode. 2013-11-26 05:40:56 EST

  None (edit)
Description Darran Lofthouse 2013-10-30 11:26:03 EDT
Description of problem:

The realms are not readable, this is despite the access control provider being Simple: -

[domain@localhost:9999 /] :whoami(verbose=true)
    "outcome" => "success",
    "result" => {
        "identity" => {
            "username" => "$local",
            "realm" => "ManagementRealm"
        "mapped-roles" => ["SuperUser"]
[domain@localhost:9999 /] ./core-service=management/security-realm=ManagementRealm:read-resource
    "outcome" => "failed",
    "failure-description" => "JBAS014807: Management resource '[
    (\"core-service\" => \"management\"),
    (\"security-realm\" => \"ManagementRealm\")
]' not found",
    "rolled-back" => true
Comment 1 JBoss JIRA Server 2013-10-30 11:32:42 EDT
Darran Lofthouse <darran.lofthouse@jboss.com> updated the status of jira WFLY-2412 to Coding In Progress
Comment 2 Brian Stansberry 2013-10-30 11:49:14 EDT
There are no domain level security realm resources. You need to prefix that address with /host=<name of a host>.
Comment 3 Darran Lofthouse 2013-10-30 12:03:03 EDT
In that case probably a bad resource definition exposing those resources at domain level.
Comment 4 Brian Stansberry 2013-10-30 12:18:26 EDT
Good catch Darran. I'm re-opening with a changed title. The fix is to remove those from the metadata.
Comment 5 Darran Lofthouse 2013-10-30 12:24:40 EDT
Yes is it a one line fix (two if you count the closing bracket of the if statement) ;-)

Pull requests coming shortly.
Comment 7 Petr Kremensky 2013-11-11 06:45:51 EST
This issue was verified using the 6.2.0.CR1 preview bits.

Note You need to log in before you can comment on or make changes to this bug.