glassfish
  1. glassfish
  2. GLASSFISH-14860

create-file-user should allow specifying target

    Details

    • Type: Bug Bug
    • Status: Reopened
    • Priority: Minor Minor
    • Resolution: Unresolved
    • Affects Version/s: 3.1
    • Fix Version/s: 4.1
    • Component/s: security
    • Labels:
      None
    • Environment:

      all platform

      Description

      list-file-users , delete-file-user takes in target, but create-file-user doesn't.

      Usage: asadmin [asadmin-utility-options] create-file-user
      [--groups user_groups[:user_groups]*] [--authrealmname <authrealm_name>]
      [?|-help[=<help(default:false)>]] username

      Without being able to specify the target during creation, it seems this user is created for EVERY instance.
      here is what i see:

      %asadmin create-file-user --authrealmname file userABC

      Command create-file-user executed successfully.

      %asadmin list-file-users --authrealmname file server
      userABC
      Command list-file-users executed successfully.

      %asadmin list-file-users --authrealmname file instance-1
      userABC
      Command list-file-users executed successfully.

      Besides missing the target option, list and delete doesn't takes in config name as target.
      %asadmin list-file-users --authrealmname file sever-config
      org.glassfish.api.admin.CommandException: remote failure: Unable to find a valid target with name sever-config
      Command list-file-users failed.
      This doesn't sound right since any security realm is based on configuration, so it should take in config name as target as well.

      GUI issue (GLASSFISH-14797) and (GLASSFISH-14770) is depending on this bug fix. We want the following to happen:

      1. add 'target' as an option for create-file-user (blocks GLASSFISH-14770)
      2. config name should be a valid target. (blocks GLASSFISH-14797)

        Issue Links

          Activity

          Hide
          Anissa Lam added a comment - - edited

          ok, man page is correct and include --target.
          But usage does NOT have --target as an option. Thats why i was confused.

          Please fix the usage text so there is no confusion. I still see issues with creating and listing file user. will file another bug.

          Usage: asadmin [asadmin-utility-options] create-file-user
          [--groups user_groups[:user_groups]*] [--authrealmname <authrealm_name>]
          [?|-help[=<help(default:false)>]] username

          Also, since authrealmname is optional, what is the realmname defaults to if not specified. Man page didn't specify that either.

          Show
          Anissa Lam added a comment - - edited ok, man page is correct and include --target. But usage does NOT have --target as an option. Thats why i was confused. Please fix the usage text so there is no confusion. I still see issues with creating and listing file user. will file another bug. Usage: asadmin [asadmin-utility-options] create-file-user [--groups user_groups [:user_groups] *] [--authrealmname <authrealm_name>] [ ?| -help [=<help(default:false)>] ] username Also, since authrealmname is optional, what is the realmname defaults to if not specified. Man page didn't specify that either.
          Hide
          kumarjayanti added a comment - - edited

          Where is the usage controlled from and how do you get the usage string ?. Can you tell me the command which prints the usage ?, why is there a separate Usage apart from --help which shows up the manpage. It is not the security code that controls the usage. So please transfer the bug to Docs or Admin.

          Here is the usage that we have in comments on top of create-file-user.

          /**

          • Create File User Command
          • Usage: create-file-user [--terse=false] [--echo=false] [--interactive=true]
          • [--host localhost] [--port 4848|4849] [--secure | -s]
          • [--user admin_user] [--userpassword admin_passwd]
          • [--passwordfile file_name] [--groups user_groups[:user_groups]*]
          • [--authrealmname authrealm_name] [--target target(Default server)]
          • username
            *
          • @author Nandini Ektare
            */
          Show
          kumarjayanti added a comment - - edited Where is the usage controlled from and how do you get the usage string ?. Can you tell me the command which prints the usage ?, why is there a separate Usage apart from --help which shows up the manpage. It is not the security code that controls the usage. So please transfer the bug to Docs or Admin. Here is the usage that we have in comments on top of create-file-user. /** Create File User Command Usage: create-file-user [--terse=false] [--echo=false] [--interactive=true] [--host localhost] [--port 4848|4849] [--secure | -s] [--user admin_user] [--userpassword admin_passwd] [--passwordfile file_name] [--groups user_groups [:user_groups] *] [--authrealmname authrealm_name] [--target target(Default server)] username * @author Nandini Ektare */
          Hide
          Anissa Lam added a comment -

          Tom,
          Can you comment on how to fix the usage of a command ? If this is a trivial fix, maybe we should address that for 3.1
          thanks

          Show
          Anissa Lam added a comment - Tom, Can you comment on how to fix the usage of a command ? If this is a trivial fix, maybe we should address that for 3.1 thanks
          Hide
          Tom Mueller added a comment -

          The usage message is either automatically generated based on the @Param annotations, or, if the @I18n annotation is provided, and the appropriate key exists in the LocalStrings.properties file, then the usage message is taken from the properties file.

          In the case of create-file-user, it is the latter. The usage message is in the LocalStrings.properties file, and that message is missing the --target part.

          Reassigning back to Kumar to fix.

          Show
          Tom Mueller added a comment - The usage message is either automatically generated based on the @Param annotations, or, if the @I18n annotation is provided, and the appropriate key exists in the LocalStrings.properties file, then the usage message is taken from the properties file. In the case of create-file-user, it is the latter. The usage message is in the LocalStrings.properties file, and that message is missing the --target part. Reassigning back to Kumar to fix.
          Hide
          Tom Mueller added a comment -

          The 2.1.1 release has a --target option for the create-file-user command, so this is a regression.

          Show
          Tom Mueller added a comment - The 2.1.1 release has a --target option for the create-file-user command, so this is a regression.

            People

            • Assignee:
              kumarjayanti
              Reporter:
              Anissa Lam
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated: