1315741 – Security subsystem has been deprecated

Bug 1315741 - Security subsystem has been deprecated

Summary: Security subsystem has been deprecated

Keywords:
Status:	CLOSED WONTFIX
Alias:	None
Product:	JBoss Operations Network
Classification:	JBoss
Component:	Plugin -- JBoss EAP 7
Sub Component:
Version:	JON 3.3.5
Hardware:	Unspecified
OS:	Unspecified
Priority:	medium
Severity:	medium
Target Milestone:	ER01
Target Release:	One-off release
Assignee:	Michael Burman
QA Contact:	Mike Foley
Docs Contact:
URL:
Whiteboard:
Duplicates (1):	1320488 (view as bug list)
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2016-03-08 13:54 UTC by Michael Burman
Modified:	2016-04-12 13:09 UTC (History)
CC List:	4 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2016-04-12 06:15:02 UTC
Type:	Bug
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Bugzilla	1320289	0	medium	CLOSED	Exception when trying to edit Module options from Security subsystem	2021-02-22 00:41:40 UTC

Internal Links: 1320289

Description Michael Burman 2016-03-08 13:54:20 UTC

Description of problem: 
       "deprecated" => {
            "since" => "1.3.0",
            "reason" => "The Security subsystem is deprecated and may be removed, significantly revised, or limited to managed domain legacy server use in future versions."
        },

Following messages are printed on the agent logs that indicate the properties have changed also:

016-03-08 12:02:03,427 WARN  [ConfigurationManager.threadpool-1] (rhq.core.pc.configuration.ConfigurationCheckExecutor)- Plugin Error: Invalid Login Module Stack resource configuration returned by EAP7 plugin - Required property 'code' has a null value.
2016-03-08 12:02:03,427 WARN  [ConfigurationManager.threadpool-1] (rhq.core.pc.configuration.ConfigurationCheckExecutor)- Plugin Error: Invalid Login Module Stack resource configuration returned by EAP7 plugin - Required property 'flag' has a null value.

We should probably remove this subsystem from the EAP7 module and see later if we need to add the new security modules.


Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:

Comment 2 John Doyle 2016-03-17 15:21:38 UTC

We should retain it.  The subsystem is deprecated but remains supported for the life of EAP 7. The deprecated state is intended to communicate that the subsystem will no longer receive updates, and that users should transition to the replacement, KeyCloak.

Comment 3 Michael Burman 2016-03-23 11:50:29 UTC

*** Bug 1320488 has been marked as a duplicate of this bug. ***

Comment 4 Michael Burman 2016-04-01 11:59:21 UTC

Further note, the log lines I'm seeing could happen in the 6.4 as well, as the properties are indeed identical between 6.4.0 and 7.0.0.ER07. The plugin code is based on some older EAP6 version and we can't separate the versions in XML..

Comment 5 Michael Burman 2016-04-04 13:30:32 UTC

And the errors only happen in jaspitest security-domain, not elsewhere.. (we have several places where we can't support the jaspitest domain as it uses a different path than other security-domains for some reason)

Comment 6 Michael Burman 2016-04-06 14:39:00 UTC

At this point it seems that changing things to support jaspitest's different structure is quite high risk. There's a lot of code (which is also complicated) that supports the old paths, which seems to be used by every other authentication module (and they seem to work fine).

Jaspitest is an isolated case which doesn't work.

Comment 9 Simeon Pinder 2016-04-12 06:15:02 UTC

See comments 6-8. Closing as WONTFIX as too risky. Might need to revisit if different problems present themselves at a later time.

Note You need to log in before you can comment on or make changes to this bug.