Description of problem: "deprecated" => { "since" => "1.3.0", "reason" => "The Security subsystem is deprecated and may be removed, significantly revised, or limited to managed domain legacy server use in future versions." }, Following messages are printed on the agent logs that indicate the properties have changed also: 016-03-08 12:02:03,427 WARN [ConfigurationManager.threadpool-1] (rhq.core.pc.configuration.ConfigurationCheckExecutor)- Plugin Error: Invalid Login Module Stack resource configuration returned by EAP7 plugin - Required property 'code' has a null value. 2016-03-08 12:02:03,427 WARN [ConfigurationManager.threadpool-1] (rhq.core.pc.configuration.ConfigurationCheckExecutor)- Plugin Error: Invalid Login Module Stack resource configuration returned by EAP7 plugin - Required property 'flag' has a null value. We should probably remove this subsystem from the EAP7 module and see later if we need to add the new security modules. Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info:
We should retain it. The subsystem is deprecated but remains supported for the life of EAP 7. The deprecated state is intended to communicate that the subsystem will no longer receive updates, and that users should transition to the replacement, KeyCloak.
*** Bug 1320488 has been marked as a duplicate of this bug. ***
Further note, the log lines I'm seeing could happen in the 6.4 as well, as the properties are indeed identical between 6.4.0 and 7.0.0.ER07. The plugin code is based on some older EAP6 version and we can't separate the versions in XML..
And the errors only happen in jaspitest security-domain, not elsewhere.. (we have several places where we can't support the jaspitest domain as it uses a different path than other security-domains for some reason)
At this point it seems that changing things to support jaspitest's different structure is quite high risk. There's a lot of code (which is also complicated) that supports the old paths, which seems to be used by every other authentication module (and they seem to work fine). Jaspitest is an isolated case which doesn't work.
See comments 6-8. Closing as WONTFIX as too risky. Might need to revisit if different problems present themselves at a later time.