Loading...

XML

Word

Printable

Type: Feature Request
Resolution: Done
Priority: Blocker
Fix Version/s: 8.0.0.Final
Affects Version/s: None
Component/s: Management, Security
Labels:
- Authorization

Implement some coarse permissions for domain operations. Possibly allowing a break down for subsystem, profile, server, server-group - maybe read - write - execute.
Also consider confidentiality in exchange e.g. Can read metrics over http but must use https to add new server.

is blocked by

WFLY-1864 Propagate the Subject of the Caller across the domain for distributed management ops.

Closed

WFLY-1874 Inconsistent access control response structures

Closed

WFLY-1900 Register override model for DS and RA regardless of if enabled or not

Closed

WFLY-1954 Exceptions when operating on domain mode

Closed

WFLY-2005 Host scoped role adding JVM config

Closed

WFLY-2184 Probe operations not visible in access control meta data

Closed

WFLY-1800 Upgrade to Remoting JMX 2.0.0 (Beta 2)

Closed

WFLY-1853 Pass the callers Subject from master domain controller to slaves and from host controllers to app servers.

Closed

is duplicated by

AS7-2486 Create a coarse authorization mechanism for domain admin.

Resolved

is related to

WFLY-1696 Allow local authentication mechanism to be disabled in CLI

Closed

relates to

WFCORE-709 MBeanAttributeInfo#isReadable and MBeanAttributeInfo#isWrittable return always true

Open

WFLY-2182 Significant slow down of testsuite execution

Closed

WFLY-1673 Security Realms need a mechanism to allow querying of all known groups and users.

Closed

WFCORE-370 Improve RBAC Performance

Open

(3 is blocked by, 1 is duplicated by, 1 is related to, 4 relates to)

1.	Ensure platform-mbean misc write ops require write perms	Closed	Tomaž Cerar (Inactive)
2.	RBAC: OperationContextImpl.readResourceForUpdate is missing an authorize call	Closed	Brian Stansberry
3.	RBAC: role combination doesn't work	Closed	Ladislav Thon
4.	Allow ModelControllerClient configurations to disable the JBOSS_LOCAL_USER SASL mechanism	Closed	Brian Stansberry
5.	Prevent non-core use of ApplicationTypeConfig.DEPLOYMENT	Closed	Brian Stansberry
6.	Report data about what resources/attributes/ops a SensitivityClassification or ApplicationTypeConfig are applied to	Closed	Brian Stansberry
7.	RBAC: HostScopedRole* operations are wrong (copy&paste from ServerGroupScopedRole*)	Closed	Ladislav Thon
8.	Invoking :read-resource operation on Security subsystem as a role with restricted privileges causes NPE	Closed	Brian Stansberry
9.	deep-copy-subject-mode attribute on Security Subsystem is Readable to all roles	Closed	Kabir Khan
10.	Add RBAC sensitivity classification constraints to undertow subsystem	Closed	Tomaž Cerar (Inactive)
11.	Authorisation descision filtered vs. read-only	Closed	Kabir Khan
12.	More useful access control failure messages	Closed	Brian Stansberry
13.	Propagation of access control configuration to slave host controllers	Closed	Brian Stansberry
14.	Access control constraints for the audit logging resources	Closed	Kabir Khan
15.	Test rbac for jmx in the testsuite	Closed	Ladislav Thon
16.	Access through unsecured management interface	Closed	Darran Lofthouse
17.	Ensure RBAC metadata changes result in management API bump	Closed	Brian Stansberry
18.	Forward port core management xsd schema 1.5 from EAP	Closed	Brian Stansberry
19.	Add Run-As Capability to ConfigurableRoleMapper	Closed	Darran Lofthouse
20.	Failed to read hosts	Closed	Emanuel Muckenhuber (Inactive)
21.	Add configuration attribute for PERMISSIVE vs REJECTING role combinations	Closed	Brian Stansberry
22.	MBeans for unaddressable resources available through JMX	Closed	Kabir Khan
23.	read-attribute operation is leaking value when user is not authorized to read that attribute	Closed	Ladislav Thon
24.	Review exceptions thrown for authorization cases in JMX	Closed	Kabir Khan
25.	No enum AccessAuthorizationResourceDefinition.Provider.UNDEFINED	Closed	Brian Stansberry
26.	RBAC: read-resource-description is wrong about the ability to :add in the datasources subsystem	Closed	Brian Stansberry
27.	Scoped roles base on SuperUser should not be allowed	Closed	Unassigned
28.	Remove configurability of VaultExpressionSensitivityConfig addressability	Closed	Kabir Khan
29.	Include hosts in allowed resources for server group scoped roles	Closed	Brian Stansberry
30.	access-type attribute description and access-control section	Closed	Kabir Khan
31.	RBAC + JMX: auditor can't read sensitive non-core MBeans	Closed	Kabir Khan
32.	Login as user with no role assigned leads to 500 error page	Closed	Heiko Braun
33.	RBAC config for slave HCs unable to access master HC	Closed	Brian Stansberry
34.	Rework Subject propagation to avoid marshaling.	Closed	Darran Lofthouse
35.	Ensure there is proper trace level logging for all RBAC decisions	Closed	Brian Stansberry
36.	Revisit priviledges for /core-service=management/access=authorization	Closed	Brian Stansberry
37.	Remove support for use-realm-roles in role mapping implementation,	Closed	Darran Lofthouse
38.	Upgrade to Remoting JMX 2.0.0.CR2	Closed	Darran Lofthouse
39.	Prevent server group scoped roles modifying the master HC if it has no servers	Closed	Brian Stansberry
40.	Update platform-mbean resources to allow configuration of sensitivity constraints	Closed	Tomaž Cerar (Inactive)
41.	Administrator should be prevented from modifying super user and auditor roles.	Closed	Darran Lofthouse
42.	Add support for an include-all option on individual role mappings.	Closed	Darran Lofthouse
43.	Remove host.xml host scoped role config	Closed	Kabir Khan
44.	NPE when modifying an existing server-group scoped role	Closed	Brian Stansberry
45.	Error executing composite operation as server group role	Closed	Brian Stansberry
46.	Add access-control parameter to read-operation-description operation	Closed	Kabir Khan
47.	Failed handling operation rollback -- null	Closed	Brian Stansberry
48.	Update to web console 2.0.0.Final	Closed	Heiko Braun
49.	Test that validate-address and validate-operation do not leak non-addressable addresses	Closed	Ladislav Thon
50.	RBAC-based tab completion for the CLI commands	Closed	Alexey Loubyansky
51.	read-operation-names to return a filtered list of allowed operations	Closed	Kabir Khan
52.	ProxyStepHandler/Controller need to check access before attempting to read information	Closed	Kabir Khan
53.	Improve SecurityRealm service removal.	Closed	Darran Lofthouse
54.	Security Realm - authorization validation	Closed	Darran Lofthouse
55.	Defining <outbound-connections> in <management> prevents the server to start	Closed	Darran Lofthouse
56.	Add transformers for RBAC resources	Closed	Brian Stansberry
57.	Enforce permissions on deployment upload ops	Closed	Brian Stansberry
58.	Enforce and correctly describe permissions on domain server lifecycle ops	Closed	Brian Stansberry
59.	Priviledge alignment for scoped resources	Closed	Brian Stansberry
60.	include-all role mappings don't work in domain	Closed	Darran Lofthouse
61.	Unable to reload server after adding role and executing :reload	Closed	Darran Lofthouse
62.	Add sensitivities to the subsystem 'describe' operations	Closed	Brian Stansberry
63.	A problem setting include-all on a role mapping is failing getting rolled back.	Closed	Darran Lofthouse
64.	Lack of model integrity checking regarding role mappings, standard role names and scoped role names.	Closed	Darran Lofthouse
65.	Expose the list of standard role names and of all role names	Closed	Brian Stansberry
66.	Deployer can't modify data source when datasources set as application resources	Closed	Brian Stansberry
67.	SGSR permission are wrong on server-config	Closed	Brian Stansberry
68.	Allow access-control "write" metadata to say "true" for read-only attributes	Closed	Brian Stansberry
69.	Trying to remove a server group as a server-group-scoped role leaks information	Closed	Brian Stansberry
70.	Populate the Subject with the required prinicpals for rbac/audit logging earlier	Closed	Darran Lofthouse
71.	Eliminate additional round trip exchange of Subject from host controller to app server or slave host controllers.	Closed	Darran Lofthouse
72.	AccessControlContext and management users Subject leaking into thread pool of host controller executor.	Closed	Darran Lofthouse
73.	Security Realm and LDAP Connection incorrectly available as resourced under core-services=management in domain mode.	Closed	Darran Lofthouse
74.	Missing filtering response header from type=*:read-resource	Closed	Brian Stansberry
75.	OperationContext.readResourceFromRoot throws UnauthorizedException even when the user doesn't have 'address' perms	Closed	Brian Stansberry

Assignee:: Darran Lofthouse

Reporter:: Darran Lofthouse

Votes:: 9 Vote for this issue

Watchers:: 16 Start watching this issue

Created:: 2011/08/11 1:38 PM

Updated:: 2020/09/14 5:04 AM

Resolved:: 2014/01/28 2:14 PM

Details

Description

Attachments

Issue Links

Sub-Tasks

Activity

People

Dates