Bug 779746 (SOA-2108) - "user" role instead of JBossAdmin in jbossws-management's web.xml
Summary: "user" role instead of JBossAdmin in jbossws-management's web.xml
Keywords:
Status: CLOSED NEXTRELEASE
Alias: SOA-2108
Product: JBoss Enterprise SOA Platform 5
Classification: JBoss
Component: JBossWS, Configuration
Version: 5.0.2
Hardware: Unspecified
OS: Unspecified
high
high
Target Milestone: ---
: 5.0.2
Assignee: Julian Coleman
QA Contact:
URL: http://jira.jboss.org/jira/browse/SOA...
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2010-06-02 18:44 UTC by Aleksandar Kostadinov
Modified: 2010-06-22 18:11 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
all
Last Closed: 2010-06-22 17:32:58 UTC
Type: Bug

Attachments (Terms of Use)
501_web.xml (2.31 KB, text/xml)
2010-06-03 01:17 UTC, Len DiMaggio 		no flags Details
502_web.xml (2.33 KB, text/xml)
2010-06-03 01:17 UTC, Len DiMaggio 		no flags Details
CR1 (2.09 KB, application/octet-stream)
2010-06-22 17:29 UTC, Len DiMaggio 		no flags Details
CR2 (1.91 KB, application/octet-stream)
2010-06-22 17:29 UTC, Len DiMaggio 		no flags Details
View All Add an attachment (proposed patch, testcase, etc.)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Issue Tracker SOA-2108 0 None Closed "user" role instead of JBossAdmin in jbossws-management's web.xml 2012-03-22 06:13:41 UTC

Description Aleksandar Kostadinov 2010-06-02 18:44:17 UTC 
Date of First Response: 2010-06-02 21:17:07
project_key: SOA

EAP 5.0.1:
<role-name>JBossAdmin</role-name>

SOA-P 5.0.2 CR1:
<role-name>user</role-name>

Just FYI the xml formating of web.xml and jboss-web.xml ins SOA-P looks quite ugly.
Comment 1 Len DiMaggio 2010-06-03 01:17:07 UTC 
Attached the 5.0.1 and 5.0.2 CR1 files - what happened to the file?
Comment 2 Len DiMaggio 2010-06-03 01:17:07 UTC 
Attachment: Added: 501_web.xml
Attachment: Added: 502_web.xml
Comment 3 Julian Coleman 2010-06-07 15:09:55 UTC 
The change is a side-affect of the changes for SOA-1867 - the consoles which
have the SOA forms-based authentication contain <role-name>user</role-name>
in their web.xml.
 
We now have the situation where some consoles use:
  <role-name>JBossAdmin</role-name>
and some use:
  <role-name>user</role-name>
.  Also, soa-roles.properties contains:
  admin=JBossAdmin,HttpInvoker,user,admin
, so we have the multiple roles there too.
Comment 4 John Graham 2010-06-08 18:09:25 UTC 
Based on Program discussions, this will break backward compatibility, and hence cannot be done for SOA 5.x.
Comment 5 Aleksandar Kostadinov 2010-06-08 19:48:02 UTC 
Reopening because in SOA-P 5.0.0 and 5.0.1 there is 

     <auth-constraint>
       <role-name>JBossAdmin</role-name>
     </auth-constraint>

And also authentication is BASIC. How is backwards compatibility maintained by changing from what we had in 5.0.0 and 5.0.1?

Excuse me if you are aware of these facts and still considered the changes to be correct. In which case feel free to close the issue again.
Comment 6 Julian Coleman 2010-06-09 10:33:56 UTC 
Fixed with revision 5855 of:
  build-tools/resource/soa-auth/add_security_constrain_ws.xsl

Commit message:
  SOA-2108
  Use `JBossAdmin' instead of `user' as the default role name.
Comment 7 Len DiMaggio 2010-06-22 17:29:25 UTC 
Evidence of issue resolution in CR2 build - see attached files
Comment 8 Len DiMaggio 2010-06-22 17:29:25 UTC 
Attachment: Added: CR1
Attachment: Added: CR2
Comment 9 Len DiMaggio 2010-06-22 17:32:58 UTC 
Verified in CR2 build
Comment 10 Aleksandar Kostadinov 2010-06-22 18:11:18 UTC 
Thanks Len! I also confirmed CR2 is ok but forgot about closing the JIRA.
Note You need to log in before you can comment on or make changes to this bug.