Uploaded image for project: 'WildFly Core'
  1. WildFly Core
  2. WFCORE-258

Enable security manager via JBoss Modules

    XMLWordPrintable

Details

    • Feature Request
    • Resolution: Done
    • Major
    • 1.0.0.Alpha14
    • None
    • Security
    • None

    Description

      In WildFly Core the security manager can be enabled via the -secmgr argument or setting the SECMGR=true environment variable. In order for this change to work correctly the WildFlySecurityManager.install() needs to be disabled.

      Also all standalone, process-controller and host-controller modules that declare a dependency on org.wildfly.security.manager need to export the services.

      The security manager test suite configuration needs to be updated to use the -secmgr argument rather than using -Dsecurity.manager to transform the profile (though the same system property should probably be reused to add the argument, like we had originally done).

      Test suite configuration needs to be updated to always enable the security manager subsystem, even if the security manager is disabled. This will cause the permissions to still be associated with deployments (though they will not be used unless -secmgr was passed to the startup script).

      Attachments

        Issue Links

          blocks

          Bug - A problem that impairs or prevents the functions of the product. WFLY-3651 permissions.xml is not used

          • Blocker - To be worked above all other priorities. This term is chosen when the severity of the issue is very high, has no workaround, or the effort for the change is comparatively low. Issues that may be very publicly visible and could generate significant media attention may also drive a higher priority.
          • Closed
          is blocked by

          Feature Request - Feature requests from customers and/or users WFCORE-94 Add -secmgr to startup scripts and propagate -secmgr through the domain

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Resolved
          relates to

          Feature Request - Feature requests from customers and/or users WFLY-4091 Disable WildFlySecurtyManager.install() in security manager subsystem

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed

          Activity

            People

              jperkins-rhn James Perkins
              jperkins-rhn James Perkins
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: