Uploaded image for project: 'WildFly Core'
  1. WildFly Core
  2. WFCORE-1606

Server reload is needed for modified security-realm even if {allow-resource-service-restart=true} is used

    XMLWordPrintable

Details

    • Bug
    • Resolution: Done
    • Major
    • 3.0.0.Beta27
    • 2.0.10.Final
    • Management, Security
    • None
    • Hide

      Start application server with default configuration execute following CLI commands:

      /core-service=management/ldap-connection=ldap-connection:add(search-dn="uid=admin,ou=system",search-credential="secret", url="ldap://localhost:10389")
/core-service=management/security-realm=ManagementRealm/authentication=properties:remove(){allow-resource-service-restart=true}
/core-service=management/security-realm=ManagementRealm/authentication=ldap:add(connection="ldap-connection",base-dn="ou=People,dc=jboss,dc=org",username-attribute=uid){allow-resource-service-restart=true}

      When you execute CLI command

      read-attribute server-state

      you will see that server is not in state reload-required. However when you access Management Console then newly configured LDAP authentication is not taken into account until server is reloaded.

      Show
      Start application server with default configuration execute following CLI commands: /core-service=management/ldap-connection=ldap-connection:add(search-dn= "uid=admin,ou=system" ,search-credential= "secret" , url= "ldap: //localhost:10389" ) /core-service=management/security-realm=ManagementRealm/authentication=properties:remove(){allow-resource-service-restart= true } /core-service=management/security-realm=ManagementRealm/authentication=ldap:add(connection= "ldap-connection" ,base-dn= "ou=People,dc=jboss,dc=org" ,username-attribute=uid){allow-resource-service-restart= true } When you execute CLI command read-attribute server-state you will see that server is not in state reload-required. However when you access Management Console then newly configured LDAP authentication is not taken into account until server is reloaded.

    Description

      When security-realm, which is set as http-interface security-realm in management-interfaces, is modified and operation used

      {allow-resource-service-restart=true}

      header then server is NOT in reload-required state but modified security realm does not work correctly until server is manually reloaded.

      Attachments

        Issue Links

          clones

          Bug - A problem that impairs or prevents the functions of the product. JBEAP-5073 Server reload is needed for modified security-realm even if {allow-resource-service-restart=true} is used

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Verified

          Activity

            People

              ehugonne1@redhat.com Emmanuel Hugonnet
              olukas Ondrej Lukas (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: