Uploaded image for project: 'Red Hat Fuse'
  1. Red Hat Fuse
  2. ENTESB-3396

SwitchYard generated Service name breaks configurable security

    XMLWordPrintable

Details

    • Bug
    • Resolution: Done
    • Major
    • jboss-fuse-6.2.1
    • jboss-fuse-6.2.1
    • SwitchYard
    • None
    • % %
    • Hide

      Use the attached replicator.
      (1) drop the FakeLoginModule in JBoss (source file is within the jar)
      (2) in standalone.xml, replace the 'other' domain with the content of security-domain.xml
      (3) mvn clean install SwitchyardTest project and deploy
      (4) call http://localhost/test/TestService, e. g. with SoapUI

      expected result:
      login module is called, SecurityException, no access is granted to service

      actual result:
      access is granted, login module is not called
      ---------------------------------------------------
      Stage 2:

      • Edit the switchyard.xml, align the Service 'name' with the 'promoted' name:
        <sca:service name="TestService" promote="Component/TestService">

      Try again, Security will prevent the service from executing.

      Show
      Use the attached replicator. (1) drop the FakeLoginModule in JBoss (source file is within the jar) (2) in standalone.xml, replace the 'other' domain with the content of security-domain.xml (3) mvn clean install SwitchyardTest project and deploy (4) call http://localhost/test/TestService , e. g. with SoapUI expected result: login module is called, SecurityException, no access is granted to service actual result: access is granted, login module is not called --------------------------------------------------- Stage 2: Edit the switchyard.xml, align the Service 'name' with the 'promoted' name: <sca:service name="TestService" promote="Component/TestService"> Try again, Security will prevent the service from executing.

    Description

      SwitchYard tooling generates a Composite Service name that differs from the name of the promoted Service. This breaks configurable security. If the user manually edits the name of the Composite Service and aligns it with the promoted name, security works.

      Attachments

        Activity

          People

            toigaras@redhat.com tomohisa igarashi
            rhn-support-rick Rick Wagner
            Stefan Veres Stefan Veres
            Rick Wagner
            Votes:
            1 Vote for this issue
            Watchers:
            5 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: