[JBoss JIRA] (ISPN-7698) Administration console - minor issues with removing node
by Ryan Emerson (JIRA)
[ https://issues.jboss.org/browse/ISPN-7698?page=com.atlassian.jira.plugin.... ]
Ryan Emerson resolved ISPN-7698.
--------------------------------
Resolution: Done
> Administration console - minor issues with removing node
> --------------------------------------------------------
>
> Key: ISPN-7698
> URL: https://issues.jboss.org/browse/ISPN-7698
> Project: Infinispan
> Issue Type: Bug
> Components: JMX, reporting and management
> Affects Versions: 9.0.0.Final
> Reporter: Roman Macor
> Assignee: Vladimir Blagojevic
> Priority: Minor
> Fix For: 9.0.1.Final
>
>
> Removing node opens confirmation dialog which says:
> Remove server new-node from undefined?
> Suggested fix:
> The node must be in stopped state to perform the operation so the cluster info is not available. The confirmation might just say: Remove server new-node?
> After clicking confirm the Loading icon is displayed until users click on one of the tabs. (The node is successfully removed)
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
8 years, 9 months
[JBoss JIRA] (ISPN-7698) Administration console - minor issues with removing node
by Ryan Emerson (JIRA)
[ https://issues.jboss.org/browse/ISPN-7698?page=com.atlassian.jira.plugin.... ]
Ryan Emerson reassigned ISPN-7698:
----------------------------------
Assignee: Vladimir Blagojevic
> Administration console - minor issues with removing node
> --------------------------------------------------------
>
> Key: ISPN-7698
> URL: https://issues.jboss.org/browse/ISPN-7698
> Project: Infinispan
> Issue Type: Bug
> Components: JMX, reporting and management
> Affects Versions: 9.0.0.Final
> Reporter: Roman Macor
> Assignee: Vladimir Blagojevic
> Priority: Minor
> Fix For: 9.0.1.Final
>
>
> Removing node opens confirmation dialog which says:
> Remove server new-node from undefined?
> Suggested fix:
> The node must be in stopped state to perform the operation so the cluster info is not available. The confirmation might just say: Remove server new-node?
> After clicking confirm the Loading icon is displayed until users click on one of the tabs. (The node is successfully removed)
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
8 years, 9 months
[JBoss JIRA] (ISPN-7698) Administration console - minor issues with removing node
by Ryan Emerson (JIRA)
[ https://issues.jboss.org/browse/ISPN-7698?page=com.atlassian.jira.plugin.... ]
Ryan Emerson updated ISPN-7698:
-------------------------------
Fix Version/s: 9.0.1.Final
> Administration console - minor issues with removing node
> --------------------------------------------------------
>
> Key: ISPN-7698
> URL: https://issues.jboss.org/browse/ISPN-7698
> Project: Infinispan
> Issue Type: Bug
> Components: JMX, reporting and management
> Affects Versions: 9.0.0.Final
> Reporter: Roman Macor
> Assignee: Vladimir Blagojevic
> Priority: Minor
> Fix For: 9.0.1.Final
>
>
> Removing node opens confirmation dialog which says:
> Remove server new-node from undefined?
> Suggested fix:
> The node must be in stopped state to perform the operation so the cluster info is not available. The confirmation might just say: Remove server new-node?
> After clicking confirm the Loading icon is displayed until users click on one of the tabs. (The node is successfully removed)
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
8 years, 9 months
[JBoss JIRA] (ISPN-7698) Administration console - minor issues with removing node
by Ryan Emerson (JIRA)
[ https://issues.jboss.org/browse/ISPN-7698?page=com.atlassian.jira.plugin.... ]
Ryan Emerson updated ISPN-7698:
-------------------------------
Status: Open (was: New)
> Administration console - minor issues with removing node
> --------------------------------------------------------
>
> Key: ISPN-7698
> URL: https://issues.jboss.org/browse/ISPN-7698
> Project: Infinispan
> Issue Type: Bug
> Components: JMX, reporting and management
> Affects Versions: 9.0.0.Final
> Reporter: Roman Macor
> Assignee: Vladimir Blagojevic
> Priority: Minor
> Fix For: 9.0.1.Final
>
>
> Removing node opens confirmation dialog which says:
> Remove server new-node from undefined?
> Suggested fix:
> The node must be in stopped state to perform the operation so the cluster info is not available. The confirmation might just say: Remove server new-node?
> After clicking confirm the Loading icon is displayed until users click on one of the tabs. (The node is successfully removed)
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
8 years, 9 months
[JBoss JIRA] (ISPN-7713) LDAP Authorization Common RoleName Mapper Case Insensitive CN extraction
by Tristan Tarrant (JIRA)
Tristan Tarrant created ISPN-7713:
-------------------------------------
Summary: LDAP Authorization Common RoleName Mapper Case Insensitive CN extraction
Key: ISPN-7713
URL: https://issues.jboss.org/browse/ISPN-7713
Project: Infinispan
Issue Type: Bug
Components: Security
Reporter: Kamesh Sampath
Priority: Critical
When enabling security with Inifinispan with LDAP backend and when using `common-role-name-mapper` for authorisation, the extraction fails to extract the role name when the role name attribute e.g. "cn" is used instead of "CN" in the distinguished name.
Its identified that the `org.infinispan.security.impl.CommonRoleMapper` use a case sensitive search and extracts roles only when the DN is like "CN=Developers,ou=Groups,dc=example,dc=com"
The current workaround is to use the use a ldap authorization like
{code:xml}
<group-search group-name="SIMPLE" iterative="true" group-dn-attribute="dn" group-name-attribute="cn">
<group-to-principal search-by="DISTINGUISHED_NAME" base-dn="ou=Groups,dc=example,dc=com">
<membership-filter principal-attribute="uniqueMember"/>
</group-to-principal>
</group-search>
{code}
and define the cache-container authorisation like
{code:xml}
<security>
<authorization>
<!-- This does not work as the role extraction uses case sensitive extraction of cn -->
<!-- common-name-role-mapper/ -->
<identity-role-mapper/>
<role name="ClusterAdmins" permissions="ALL"/>
<role name="Developers" permissions="WRITE"/>
<role name="Business" permissions="READ"/>
<role name="Managers" permissions="ALL_READ ALL_WRITE"/>
</authorization>
</security>
{code}
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
8 years, 9 months
[JBoss JIRA] (ISPN-7712) LDAP Authorization Common RoleName Mapper Case Insensitive CN extraction
by Tristan Tarrant (JIRA)
[ https://issues.jboss.org/browse/ISPN-7712?page=com.atlassian.jira.plugin.... ]
Tristan Tarrant updated ISPN-7712:
----------------------------------
Status: Pull Request Sent (was: Open)
Git Pull Request: https://github.com/infinispan/infinispan/pull/5066
> LDAP Authorization Common RoleName Mapper Case Insensitive CN extraction
> -------------------------------------------------------------------------
>
> Key: ISPN-7712
> URL: https://issues.jboss.org/browse/ISPN-7712
> Project: Infinispan
> Issue Type: Bug
> Components: Security
> Reporter: Kamesh Sampath
> Priority: Critical
> Labels: ldap, ldap-realm, role-mapping
> Attachments: example.com.ldif, jdg-security-demo.tar.gz, ldap_cluster_notworking.xml, ldap_cluster_workaround.xml
>
>
> When enabling security with Inifinispan with LDAP backend and when using `common-role-name-mapper` for authorisation, the extraction fails to extract the role name when the role name attribute e.g. "cn" is used instead of "CN" in the distinguished name.
> Its identified that the `org.infinispan.security.impl.CommonRoleMapper` use a case sensitive search and extracts roles only when the DN is like "CN=Developers,ou=Groups,dc=example,dc=com"
> The current workaround is to use the use a ldap authorization like
> {code:xml}
> <group-search group-name="SIMPLE" iterative="true" group-dn-attribute="dn" group-name-attribute="cn">
> <group-to-principal search-by="DISTINGUISHED_NAME" base-dn="ou=Groups,dc=example,dc=com">
> <membership-filter principal-attribute="uniqueMember"/>
> </group-to-principal>
> </group-search>
> {code}
> and define the cache-container authorisation like
> {code:xml}
> <security>
> <authorization>
> <!-- This does not work as the role extraction uses case sensitive extraction of cn -->
> <!-- common-name-role-mapper/ -->
> <identity-role-mapper/>
> <role name="ClusterAdmins" permissions="ALL"/>
> <role name="Developers" permissions="WRITE"/>
> <role name="Business" permissions="READ"/>
> <role name="Managers" permissions="ALL_READ ALL_WRITE"/>
> </authorization>
> </security>
> {code}
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
8 years, 9 months
[JBoss JIRA] (ISPN-7712) LDAP Authorization Common RoleName Mapper Case Insensitive CN extraction
by Tristan Tarrant (JIRA)
[ https://issues.jboss.org/browse/ISPN-7712?page=com.atlassian.jira.plugin.... ]
Tristan Tarrant updated ISPN-7712:
----------------------------------
Status: Open (was: New)
> LDAP Authorization Common RoleName Mapper Case Insensitive CN extraction
> -------------------------------------------------------------------------
>
> Key: ISPN-7712
> URL: https://issues.jboss.org/browse/ISPN-7712
> Project: Infinispan
> Issue Type: Bug
> Components: Security
> Reporter: Kamesh Sampath
> Priority: Critical
> Labels: ldap, ldap-realm, role-mapping
> Attachments: example.com.ldif, jdg-security-demo.tar.gz, ldap_cluster_notworking.xml, ldap_cluster_workaround.xml
>
>
> When enabling security with Inifinispan with LDAP backend and when using `common-role-name-mapper` for authorisation, the extraction fails to extract the role name when the role name attribute e.g. "cn" is used instead of "CN" in the distinguished name.
> Its identified that the `org.infinispan.security.impl.CommonRoleMapper` use a case sensitive search and extracts roles only when the DN is like "CN=Developers,ou=Groups,dc=example,dc=com"
> The current workaround is to use the use a ldap authorization like
> {code:xml}
> <group-search group-name="SIMPLE" iterative="true" group-dn-attribute="dn" group-name-attribute="cn">
> <group-to-principal search-by="DISTINGUISHED_NAME" base-dn="ou=Groups,dc=example,dc=com">
> <membership-filter principal-attribute="uniqueMember"/>
> </group-to-principal>
> </group-search>
> {code}
> and define the cache-container authorisation like
> {code:xml}
> <security>
> <authorization>
> <!-- This does not work as the role extraction uses case sensitive extraction of cn -->
> <!-- common-name-role-mapper/ -->
> <identity-role-mapper/>
> <role name="ClusterAdmins" permissions="ALL"/>
> <role name="Developers" permissions="WRITE"/>
> <role name="Business" permissions="READ"/>
> <role name="Managers" permissions="ALL_READ ALL_WRITE"/>
> </authorization>
> </security>
> {code}
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
8 years, 9 months
[JBoss JIRA] (ISPN-7712) LDAP Authorization Common RoleName Mapper Case Insensitive CN extraction
by Kamesh Sampath (JIRA)
Kamesh Sampath created ISPN-7712:
------------------------------------
Summary: LDAP Authorization Common RoleName Mapper Case Insensitive CN extraction
Key: ISPN-7712
URL: https://issues.jboss.org/browse/ISPN-7712
Project: Infinispan
Issue Type: Bug
Components: Security
Reporter: Kamesh Sampath
Priority: Critical
Attachments: example.com.ldif, jdg-security-demo.tar.gz, ldap_cluster_notworking.xml, ldap_cluster_workaround.xml
When enabling security with Inifinispan with LDAP backend and when using `common-role-name-mapper` for authorisation, the extraction fails to extract the role name when the role name attribute e.g. "cn" is used instead of "CN" in the distinguished name.
Its identified that the `org.infinispan.security.impl.CommonRoleMapper` use a case sensitive search and extracts roles only when the DN is like "CN=Developers,ou=Groups,dc=example,dc=com"
The current workaround is to use the use a ldap authorization like
{code:xml}
<group-search group-name="SIMPLE" iterative="true" group-dn-attribute="dn" group-name-attribute="cn">
<group-to-principal search-by="DISTINGUISHED_NAME" base-dn="ou=Groups,dc=example,dc=com">
<membership-filter principal-attribute="uniqueMember"/>
</group-to-principal>
</group-search>
{code}
and define the cache-container authorisation like
{code:xml}
<security>
<authorization>
<!-- This does not work as the role extraction uses case sensitive extraction of cn -->
<!-- common-name-role-mapper/ -->
<identity-role-mapper/>
<role name="ClusterAdmins" permissions="ALL"/>
<role name="Developers" permissions="WRITE"/>
<role name="Business" permissions="READ"/>
<role name="Managers" permissions="ALL_READ ALL_WRITE"/>
</authorization>
</security>
{code}
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
8 years, 9 months
[JBoss JIRA] (ISPN-7417) Implement transcoding
by Gustavo Fernandes (JIRA)
[ https://issues.jboss.org/browse/ISPN-7417?page=com.atlassian.jira.plugin.... ]
Gustavo Fernandes edited comment on ISPN-7417 at 4/7/17 1:24 PM:
-----------------------------------------------------------------
[~galder.zamarreno] The idea is to remove compatibility mode. For the task use case, the Infinispan server caches will be configured by default with a mime-type reflecting the storage format, for example:
_application/vnd.infinispan.v9.wrapped+x-jboss-marshalling_
At runtime it will be possible to decorate the cache to deal with other types, for example:
{code:java}
cache.withContentType("application/x-java-object")
{code}
all operations on that decorated cache will deal with POJOs, using internally a transcoder that supports _application/x-java-object_ and _application/vnd.infinispan.v9.wrapped+x-jboss-marshalling_ to do on-the-fly conversion
DISCLAIMER: this is all WIP at the moment, names and API calls are not final
was (Author: gustavonalle):
[~galder.zamarreno] The idea is to remove compatibility mode. For the task use case, the Infinispan server caches will be configured by default with a mime-type reflecting the storage format, for example:
_application/vnd.infinispan.v9.wrapped+x-jboss-marshalling_
At runtime it will be possible to decorate the cache to deal with other types, for example:
{code:java}
cache.withContentType("application/x-java-object")
{code}
all operations on that decorated cache will deal with POJOs, using a internally transcoder that supports _application/x-java-object_ and _application/vnd.infinispan.v9.wrapped+x-jboss-marshalling_ to do on-the-fly conversion
DISCLAIMER: this is all WIP at the moment, names and API calls are not final
> Implement transcoding
> ---------------------
>
> Key: ISPN-7417
> URL: https://issues.jboss.org/browse/ISPN-7417
> Project: Infinispan
> Issue Type: Enhancement
> Reporter: Galder Zamarreño
> Assignee: Gustavo Fernandes
>
> The aim of this JIRA is to implement transcoding so that data of any type can be stored and it can be transformed on the fly, regardless of the endpoint. The work of the JIRA will be split into different subtasks to be able to split the work.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
8 years, 9 months