Uploaded image for project: 'WildFly Core'
  1. WildFly Core
  2. WFCORE-3421

Incorrect usage of requires for defining the relationship between outflow-anonymous and outflow-security-domains

    XMLWordPrintable

Details

    • Bug
    • Resolution: Unresolved
    • Major
    • None
    • 4.0.0.Alpha2
    • Security
    • None

    Description

      If outflow-anonymous is set to false then there is no need for outflow-security-domains as the default configuration shows clearly.
      So 

      /subsystem=elytron/security-domain=ApplicationDomain:add(default-realm=ApplicationRealm,outflow-anonymous=false,realms=[{realm=ApplicationRealm,role-decoder=groups-to-roles}])

      should work like 

      /subsystem=elytron/security-domain=ApplicationDomain:add(default-realm=ApplicationRealm,realms=[{realm=ApplicationRealm,role-decoder=groups-to-roles}])

      A custom validation code is required instead of relying on the setRequires of SimpleAttributeDefinition

      Attachments

        Activity

          People

            Unassigned Unassigned
            ehugonne1@redhat.com Emmanuel Hugonnet
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated: