Uploaded image for project: 'WildFly Core'
  1. WildFly Core
  2. WFCORE-4551

Cannot add Elytron jdbc-realm using embedded server in admin mode

    XMLWordPrintable

Details

    Description

      On a fresh a Wildfly install (tested on 16.final and 17.final) the following jboss-cli commands will fail to add an Elytron jdbc-realm to an embedded server using the ExampleDS data source that is predefined out-of-the-box:

      embed-server --server-config=standalone.xml

/subsystem=elytron/jdbc-realm=MyRealm:add(principal-query=[{sql="SELECT * FROM Users WHERE username = ?", data-source=ExampleDS}])

      Resulting in this error:

      ERROR [org.jboss.as.controller.management-operation] (pool-3-thread-1) WFLYCTL0013: Operation ("add") failed - address: ([
    ("subsystem" => "elytron"),
    ("jdbc-realm" => "MyRealm")
]) - failure description: {
    "WFLYCTL0412: Required services that are not installed:" => ["org.wildfly.data-source.ExampleDS"],
    "WFLYCTL0180: Services with missing/unavailable dependencies" => ["org.wildfly.security.security-realm.MyRealm is missing [org.wildfly.data-source.ExampleDS]"]
}
{
    "outcome" => "failed",
    "failure-description" => {
        "WFLYCTL0412: Required services that are not installed:" => ["org.wildfly.data-source.ExampleDS"],
        "WFLYCTL0180: Services with missing/unavailable dependencies" => ["org.wildfly.security.security-realm.MyRealm is missing [org.wildfly.data-source.ExampleDS]"]
    },
    "rolled-back" => true
}

      If you instead embed the server using --admin-only=false then the jdbc-realm will be added successfully.

      A workaround seems to be to first add and remove some other type of realm with the same name as the jdbc-realm you want to add, here for example using an identity-realm:

      embed-server --server-config=standalone.xml

# First add & remove a dummy realm with the same name as the jdbc-realm you want to add
/subsystem=elytron/identity-realm=MyRealm:add(identity='dummy identity realm')
/subsystem=elytron/identity-realm=MyRealm:remove

# Now the jdbc-realm will add successfully
/subsystem=elytron/jdbc-realm=MyRealm:add(principal-query=[{sql="SELECT * FROM Users WHERE username = ?", data-source=ExampleDS}])

      Attachments

        Issue Links

          relates to

          Task - Represents a small unit of work that is not end-user facing. WFLY-12346 Testing adding an Elytron jdbc-realm in admin mode

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed

          Activity

            People

              aabdelsa Ashley Abdel-Sayed (Inactive)
              daveagill David Gill (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: