WildFly / WFLY-9914

Server reload breaks security context

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Out of Date
    • Affects Version/s: 11.0.0.Final
    • Fix Version/s: None
    • Component/s: Security
    • Labels:
      None
    • Environment:

      Ubuntu 16.04 LTS, Oracle JDK 1.8.0_161

    • Release Notes Text:
      It cannot be reproduced in newer versions, resolving as outdated.

      Description

      Summary

      A minimal example webapp using Soteria and DeltaSpike Security works as expected when first deployed to WildFly.

      After issuing a reload command via jboss-cli.sh, the application no longer works, since no groups are associated with the caller principal.

      The problem no longer occurs after a server shutdown and restart.

      Details

      # Start server
      $ ${JBOSS_HOME}/bin/standalone.sh
      
      # Build and deploy demo
      $ git clone https://github.com/hwellmann/security-demo.git
      $ cd security-demo
      $ mvn deploy
      
      # Request protected resource
      $ curl -u operator:secret http://localhost:8080/api/version
      {"version":1}
      
      # Reload server
      $ ${JBOSS_HOME}/bin/jboss-cli.sh -c --command=:reload
      
      # Issue same request, access denied
      $ curl -u operator:secret http://localhost:8080/api/version
      {"message":"requested access to the resource is denied"}
      

              People

              • Assignee: Teresa Miyar Gil (tmiyar)
              • Reporter: Harald Wellmann (hwellmann.de)