Issue Details (XML | Word | Printable)

Key: GLASSFISH-14770
Type: Bug Bug
Status: Closed Closed
Resolution: Fixed
Priority: Major Major
Assignee: Anissa Lam
Reporter: shaline
Votes: 0
Watchers: 1
Operations

If you were logged in you would be able to see more operations.
glassfish

Realm: new user added to admin-realm in server-config is copied to all other configs

Created: 17/Nov/10 06:49 PM   Updated: 17/Feb/11 01:58 PM   Resolved: 19/Dec/10 01:23 PM
Component/s: admin_gui
Affects Version/s: 3.1
Fix Version/s: 3.1_ms07

Time Tracking:
Not Specified

Environment:

Operating System: All
Platform: All

Issue Links:
Dependency
 

Issuezilla Id: 14,770
Tags: 3_1-verified
Participants: Anissa Lam, Jason Lee, shaline, shaline and srinik76


 Description  « Hide

build used : GF V3.1 promoted b30.

Create a new config(testconfig) by copying from default-config.
In the server-config, create a new user in the Security/Realms/admin-realm/.

This new user also gets added to the new config ( test-config). It is also vice
versa, meaning a new user created in the new config, gets added to server-config.
Same with deletion, In the new-config if we delete a newly created user in the
admin-realm, this user gets deleted from server-config also.



srinik76 added a comment - 28/Nov/10 11:42 PM

Create a new config test-config and using this config created a instance test-instance and under admin-realm added user using the following REST URL using REST GUI Interface

http://localhost:4848/management/domain/configs/config/test-config/security-service/auth-realm/admin-realm/create-user

Added the user test under test group.

Now using the following REST URL
http://localhost:4848/management/domain/configs/config/test-config/security-service/auth-realm/admin-realm/list-users

gives user admin and test

Now if we check the following REST URL to list users under sever-config,
http://localhost:4848/management/domain/configs/config/server-config/security-service/auth-realm/admin-realm/list-users

also it lists users admin and test.

Assigning to Jason to look into this.


Jason Lee added a comment - 29/Nov/10 01:52 PM

list-file-users seems to have the same issue WRT --target.


Jason Lee added a comment - 29/Nov/10 02:01 PM

This seems to be a CLI issue. It seems the CLI is not discriminating between the realms when listing users. A blocking issue has been linked to this one.


Jason Lee added a comment - 01/Dec/10 12:52 PM

There appears to be a CLI issue blocking the fix on this. An issue has been filed and linked.


Jason Lee added a comment - 06/Dec/10 01:45 PM

The CLI fix seems to have fixed this issue.


shaline added a comment - 17/Dec/10 05:00 PM

This issue still exists on GF nightly dated b34-12-16.
Tried 2 scenarios:
1)Created a new user (administrator) in the admin-realm for default-config and added a password, this user got copied over to server-config, and even logout button got activated.

2)Created a new configuration by copying from default-config. and in the new configuration added a new user "adminadmin" under security/admin-realm, This user got copied over to server-config, and even to default-config.


Anissa Lam added a comment - 18/Dec/10 08:41 PM

The create-file-user command does not take in target as option. I have reopened the bug GLASSFISH-14860

Usage: asadmin [asadmin-utility-options] create-file-user
[--groups user_groups[:user_groups]*] [--authrealmname <authrealm_name>]
[?|-help[=<help(default:false)>]] username
Command create-file-user failed.

So, all user is added to server-config.


Anissa Lam added a comment - 19/Dec/10 01:23 PM

I am closing this bug as previous status, Fixed. The scenario that you mentioned is the expected behavior.

Note that the list of user all depends on the property keyFile. The keyFile for all the config that you mentioned ALL have the EXACT same keyFile. Thus when creating/removing user from one config, it will reflect to another config.

You can try changing the keyFile property for testing.
However, i saw problem in the backend for listing user. Refer to GLASSFISH-15273.

Whenever you see problem with the GUI, PLEASE also try that using CLI. There are enough example in GLASSFISH-15273 that shows you how to do that. If GUI and CLI shows the same thing, it is not GUI bug, but backend bug.


shaline added a comment - 17/Feb/11 01:58 PM

Verified in promoted b43.