Details
-
Feature Request
-
Resolution: Done
-
Minor
-
8.0.0.Beta1
-
None
Description
The script "add-user.sh" has options to set
-dc <value> Define the location of the domain config directory.
-sc <value> Define the location the server config directory.
The class:
org/jboss/as/domain/management/security/state/PropertyFileFinder.java
in
private boolean findFiles(final String jbossHome, final List<File> foundFiles, final String fileName) {
will always find both files. This means that in the event the user uses only one of the above options, the new user will also be added to the default file. This is seen as a security risk.
We propose that when only one of the above options is set, that the user is not automatically added to the other (default) file. When neither option is set, stick with the current behaviour.