Bug 1024930 - Security realms incorrectly shown as valid domain level resource types.
Summary: Security realms incorrectly shown as valid domain level resource types.
Alias: None
Product: JBoss Enterprise Application Platform 6
Classification: JBoss
Component: Domain Management
Version: 6.2.0
Hardware: Unspecified
OS: Unspecified
Target Milestone: CR1
: EAP 6.2.0
Assignee: Darran Lofthouse
QA Contact: Petr Kremensky
Russell Dickenson
Depends On:
TreeView+ depends on / blocked
Reported: 2013-10-30 15:26 UTC by Darran Lofthouse
Modified: 2013-12-15 16:19 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2013-12-15 16:19:48 UTC
Type: Bug

Attachments (Terms of Use)

System ID Private Priority Status Summary Last Updated
Red Hat Issue Tracker WFLY-2412 0 Major Resolved Security Realm and LDAP Connection incorrectly available as resourced under core-services=management in domain mode. 2013-11-26 10:40:56 UTC

Description Darran Lofthouse 2013-10-30 15:26:03 UTC
Description of problem:

The realms are not readable, this is despite the access control provider being Simple: -

[domain@localhost:9999 /] :whoami(verbose=true)
    "outcome" => "success",
    "result" => {
        "identity" => {
            "username" => "$local",
            "realm" => "ManagementRealm"
        "mapped-roles" => ["SuperUser"]
[domain@localhost:9999 /] ./core-service=management/security-realm=ManagementRealm:read-resource
    "outcome" => "failed",
    "failure-description" => "JBAS014807: Management resource '[
    (\"core-service\" => \"management\"),
    (\"security-realm\" => \"ManagementRealm\")
]' not found",
    "rolled-back" => true

Comment 1 JBoss JIRA Server 2013-10-30 15:32:42 UTC
Darran Lofthouse <darran.lofthouse> updated the status of jira WFLY-2412 to Coding In Progress

Comment 2 Brian Stansberry 2013-10-30 15:49:14 UTC
There are no domain level security realm resources. You need to prefix that address with /host=<name of a host>.

Comment 3 Darran Lofthouse 2013-10-30 16:03:03 UTC
In that case probably a bad resource definition exposing those resources at domain level.

Comment 4 Brian Stansberry 2013-10-30 16:18:26 UTC
Good catch Darran. I'm re-opening with a changed title. The fix is to remove those from the metadata.

Comment 5 Darran Lofthouse 2013-10-30 16:24:40 UTC
Yes is it a one line fix (two if you count the closing bracket of the if statement) ;-)

Pull requests coming shortly.

Comment 7 Petr Kremensky 2013-11-11 11:45:51 UTC
This issue was verified using the 6.2.0.CR1 preview bits.

Note You need to log in before you can comment on or make changes to this bug.