Uploaded image for project: 'AppFormer'
  1. AppFormer
  2. AF-2912

User from application-users.properties can log in to the Business Central

    XMLWordPrintable

Details

    • Bug
    • Resolution: Not a Bug
    • Critical
    • None
    • 7.59.0.Final, 7.60.0.Final
    • General workbench
    • None
    • Hide
      1. Unzip eap 7.4
      2. Copy the business central war to the standalone/deployments
      3. Add a user with admin role by ./bin/add-user.sh script.
      4. Start Business Central.
      5. Try to log in with the user.
      6. User can log in but it should not be possible. Using the properties file should be disabled.
      Show
      Unzip eap 7.4 Copy the business central war to the standalone/deployments Add a user with admin role by ./bin/add-user.sh script. Start Business Central. Try to log in with the user. User can log in but it should not be possible. Using the properties file should be disabled.
    • NEW
    • NEW

    Description

      Properties files application-roles.properties and application-users.properties should not be used for storing users and it should not be possible to login by a user defined in the files. This way should be disabled and replaced with the Elytron security system.

      Attachments

        Activity

          People

            trikkola Toni Rikkola
            tdavid@redhat.com Tomas David
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: