Uploaded image for project: 'WildFly'
  1. WildFly
  2. WFLY-1597 Re-Review TLS/SSL where http-upgrade is in use.
  3. WFLY-2154

http-interface is used instead of native-interface for native access

    XMLWordPrintable

Details

    • Sub-task
    • Resolution: Won't Do
    • Major
    • 8.0.0.CR1
    • 8.0.0.Beta1
    • Management, Security
    • None

    Description

      Steps to reproduce:
      1) create new Security Realm in standalone.xml:
      <security-realm name="ManagementTestRealm">
      <authentication>
      <properties path="mgmt-users.properties" relative-to="jboss.server.config.dir"/>
      </authentication>
      </security-realm>

      2) make http-interface using this realm:
      <http-interface security-realm="ManagementTestRealm" http-upgrade-enabled="true">
      <socket-binding http="management-http"/>
      </http-interface>

      3) start standalone server

      4) run CLI with command ./jboss-cli.sh -c
      You will ask for user and password for ManagementTestRealm but this realm is NOT used for native interface! It should still used ManagementRealm not ManagementTestRealm. If you add <local default-user="$local"/> to ManagementTestRealm Security Realm and run CLI again, it connect successfully. It looks like there is used http-interface instead of native-interface.

      Attachments

        Activity

          People

            darran.lofthouse@redhat.com Darran Lofthouse
            olukas Ondrej Lukas (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: