Red Hat Bugzilla – Bug 1463614
Install RHQ user operation not working when elytron is used for user authentication
Last modified: 2017-11-10 17:08:46 EST
Description of problem: The Install RHQ user operation fails with: "Management users properties file [] is not writable" when elytron is used for user authentication. Version-Release number of selected component (if applicable): JON3.3.8 + EAP plugin pack update05.CR01 EAP 7.1.ER01 How reproducible: Always Steps to Reproduce: 1. unzip and start EAP 7.1.ER01 2. enable elytron components: a) Set http-authentication-factory to use management-http-authentication /core-service=management/management-interface=http-interface:write-attribute( \ name=http-authentication-factory, \ value=management-http-authentication \ ) b) Set sasl-authentication-factory to use management-sasl-authentication /core-service=management/management-interface=http-interface:write-attribute( \ name=http-upgrade.sasl-authentication-factory, \ value=management-sasl-authentication \ ) c)Undefine security-realm /core-service=management/management-interface=http-interface:undefine-attribute(name=security-realm) d)Reload JBoss EAP for the changes to take affect. reload 3. import EAP to JON inventory 4. run Install RHQ user operation Actual results: Operation fails with "Management users properties file [] is not writable" and EAP resource is down. Expected results: Additional info: Documentation: https://doc-stage.usersys.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.1.beta/html-single/how_to_configure_server_security/#mgmt_user_authentication_with_eltyron When the rhqadmin user is added to mgmt-users.properties manually the EAP resource is UP and everything seems to be working.
This operation is not supported. It was provided for development testing only and the failure identified here is not limited to just Elytron. It will occur with any security/authentication configuration that does not use the file based property role/user/password mapping. Closing as WONTFIX.