February 2021 - infinispan-issues

[Red Hat JIRA] (ISPN-12726) Server should support a truststore for client cert validation

by Tristan Tarrant (Jira)

[ https://issues.redhat.com/browse/ISPN-12726?page=com.atlassian.jira.plugi... ] Tristan Tarrant updated ISPN-12726: ----------------------------------- Status: Open (was: New) > Server should support a truststore for client cert validation > ------------------------------------------------------------- > > Key: ISPN-12726 > URL: https://issues.redhat.com/browse/ISPN-12726 > Project: Infinispan > Issue Type: Enhancement > Components: Security, Server > Affects Versions: 12.0.0.Final > Reporter: Tristan Tarrant > Assignee: Tristan Tarrant > Priority: Major > Fix For: 12.1.0.Final > > > While it is possible to authenticate clients using a certificate, this requires a trust store realm which means adding all possible client certificates to the trust store. Simple validation (not authentication) of certificates based on their trust chain is currently not supported. > We should enhance the SSL server identity to support a truststore without requiring a trust realm. > {code:xml} > <security-realm name="default"> > <server-identities> > <ssl> > <keystore path="server.pfx" keystore-password="secret" alias="server"/> > <truststore path="ca.pfx" password="secret"/> > </ssl> > </server-identities> > </security-realm> > {code} > If a truststore is present, client cert will be required on incoming connections. -- This message was sent by Atlassian Jira (v8.13.1#813001)

3 years, 2 months

1
0
0 / 0

[Red Hat JIRA] (ISPN-12726) Server should support a truststore for client cert validation

by Tristan Tarrant (Jira)

[ https://issues.redhat.com/browse/ISPN-12726?page=com.atlassian.jira.plugi... ] Tristan Tarrant updated ISPN-12726: ----------------------------------- Git Pull Request: https://github.com/infinispan/infinispan/pull/9070 Status: Pull Request Sent (was: Open) > Server should support a truststore for client cert validation > ------------------------------------------------------------- > > Key: ISPN-12726 > URL: https://issues.redhat.com/browse/ISPN-12726 > Project: Infinispan > Issue Type: Enhancement > Components: Security, Server > Affects Versions: 12.0.0.Final > Reporter: Tristan Tarrant > Assignee: Tristan Tarrant > Priority: Major > Fix For: 12.1.0.Final > > > While it is possible to authenticate clients using a certificate, this requires a trust store realm which means adding all possible client certificates to the trust store. Simple validation (not authentication) of certificates based on their trust chain is currently not supported. > We should enhance the SSL server identity to support a truststore without requiring a trust realm. > {code:xml} > <security-realm name="default"> > <server-identities> > <ssl> > <keystore path="server.pfx" keystore-password="secret" alias="server"/> > <truststore path="ca.pfx" password="secret"/> > </ssl> > </server-identities> > </security-realm> > {code} > If a truststore is present, client cert will be required on incoming connections. -- This message was sent by Atlassian Jira (v8.13.1#813001)

3 years, 2 months

1
0
0 / 0

[Red Hat JIRA] (ISPN-12754) Docs: Remove callouts from XML snippets

by Donald Naro (Jira)

[ https://issues.redhat.com/browse/ISPN-12754?page=com.atlassian.jira.plugi... ] Donald Naro updated ISPN-12754: ------------------------------- Sprint: DataGrid Sprint #57 > Docs: Remove callouts from XML snippets > --------------------------------------- > > Key: ISPN-12754 > URL: https://issues.redhat.com/browse/ISPN-12754 > Project: Infinispan > Issue Type: Enhancement > Components: Documentation > Affects Versions: 12.0.0.Final > Reporter: Donald Naro > Assignee: Donald Naro > Priority: Major > > Follows on from ISPN-12693 to convert callouts in xml snippets to comment or make sure callouts can exist in yaml as well. -- This message was sent by Atlassian Jira (v8.13.1#813001)

3 years, 2 months

1
0
0 / 0

[Red Hat JIRA] (ISPN-12754) Docs: Remove callouts from XML snippets

by Donald Naro (Jira)

[ https://issues.redhat.com/browse/ISPN-12754?page=com.atlassian.jira.plugi... ] Donald Naro updated ISPN-12754: ------------------------------- Git Pull Request: (was: https://github.com/infinispan/infinispan/pull/9059) > Docs: Remove callouts from XML snippets > --------------------------------------- > > Key: ISPN-12754 > URL: https://issues.redhat.com/browse/ISPN-12754 > Project: Infinispan > Issue Type: Enhancement > Components: Documentation > Affects Versions: 12.0.0.Final > Reporter: Donald Naro > Assignee: Donald Naro > Priority: Major > > Follows on from ISPN-12693 to convert callouts in xml snippets to comment or make sure callouts can exist in yaml as well. -- This message was sent by Atlassian Jira (v8.13.1#813001)

3 years, 2 months

1
0
0 / 0

[Red Hat JIRA] (ISPN-12754) Docs: Remove callouts from XML snippets

by Donald Naro (Jira)

[ https://issues.redhat.com/browse/ISPN-12754?page=com.atlassian.jira.plugi... ] Donald Naro updated ISPN-12754: ------------------------------- Description: Follows on from ISPN-12693 to convert callouts in xml snippets to comment or make sure callouts can exist in yaml as well. (was: Convert callouts in xml snippets to comment or make sure callouts can exist in yaml as well.) > Docs: Remove callouts from XML snippets > --------------------------------------- > > Key: ISPN-12754 > URL: https://issues.redhat.com/browse/ISPN-12754 > Project: Infinispan > Issue Type: Enhancement > Components: Documentation > Affects Versions: 12.0.0.Final > Reporter: Donald Naro > Assignee: Donald Naro > Priority: Major > > Follows on from ISPN-12693 to convert callouts in xml snippets to comment or make sure callouts can exist in yaml as well. -- This message was sent by Atlassian Jira (v8.13.1#813001)

3 years, 2 months

1
0
0 / 0

[Red Hat JIRA] (ISPN-11121) Cache using single file store fails to start when security manager is enabled

by Dan Berindei (Jira)

[ https://issues.redhat.com/browse/ISPN-11121?page=com.atlassian.jira.plugi... ] Dan Berindei updated ISPN-11121: -------------------------------- Status: Open (was: Pull Request Sent) > Cache using single file store fails to start when security manager is enabled > ----------------------------------------------------------------------------- > > Key: ISPN-11121 > URL: https://issues.redhat.com/browse/ISPN-11121 > Project: Infinispan > Issue Type: Bug > Components: Core > Affects Versions: 9.4.17.Final > Reporter: Paul Ferraro > Assignee: Dan Berindei > Priority: Critical > > After upgrading to 9.4.17.Final, caches using a single file store throw a AccessControlException on startup. This looks like a regression introduced by the fix for ISPN-9600, which no longer performs component start within a privileged action. > {noformat} > &amp#27;[0m&amp#27;[31m07:21:37,237 ERROR [org.jboss.msc.service.fail] (ServerService Thread Pool -- 20) MSC000001: Failed to start service jboss.deployment.unit."XSiteSimpleTestCase.war".undertow-deployment: org.jboss.msc.service.StartException in service jboss.deployment.unit."XSiteSimpleTestCase.war".undertow-deployment: org.infinispan.commons.CacheException: Unable to invoke method public void org.infinispan.persistence.manager.PersistenceManagerImpl.start() on object of type PersistenceManagerImpl > at org.wildfly.extension.undertow.deployment.UndertowDeploymentService$1.run(UndertowDeploymentService.java:81) > at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) > at java.util.concurrent.FutureTask.run(FutureTask.java:266) > at org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35) > at org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1982) > at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1486) > at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1377) > at java.lang.Thread.run(Thread.java:748) > at org.jboss.threads.JBossThread.run(JBossThread.java:485) > Caused by: org.infinispan.commons.CacheException: Unable to invoke method public void org.infinispan.persistence.manager.PersistenceManagerImpl.start() on object of type PersistenceManagerImpl > at org.infinispan.commons.util.ReflectionUtil.invokeMethod(ReflectionUtil.java:193) > at org.infinispan.factories.impl.BasicComponentRegistryImpl.startWrapper(BasicComponentRegistryImpl.java:520) > at org.infinispan.factories.impl.BasicComponentRegistryImpl$ComponentWrapper.running(BasicComponentRegistryImpl.java:711) > at org.infinispan.factories.impl.BasicComponentRegistryImpl.startDependencies(BasicComponentRegistryImpl.java:552) > at org.infinispan.factories.impl.BasicComponentRegistryImpl.startWrapper(BasicComponentRegistryImpl.java:505) > at org.infinispan.factories.impl.BasicComponentRegistryImpl$ComponentWrapper.running(BasicComponentRegistryImpl.java:711) > at org.infinispan.factories.impl.BasicComponentRegistryImpl.startDependencies(BasicComponentRegistryImpl.java:552) > at org.infinispan.factories.impl.BasicComponentRegistryImpl.startWrapper(BasicComponentRegistryImpl.java:505) > at org.infinispan.factories.impl.BasicComponentRegistryImpl$ComponentWrapper.running(BasicComponentRegistryImpl.java:711) > at org.infinispan.factories.impl.BasicComponentRegistryImpl.startDependencies(BasicComponentRegistryImpl.java:552) > at org.infinispan.factories.impl.BasicComponentRegistryImpl.startWrapper(BasicComponentRegistryImpl.java:505) > at org.infinispan.factories.impl.BasicComponentRegistryImpl$ComponentWrapper.running(BasicComponentRegistryImpl.java:711) > at org.infinispan.factories.impl.BasicComponentRegistryImpl.startDependencies(BasicComponentRegistryImpl.java:552) > at org.infinispan.factories.impl.BasicComponentRegistryImpl.startWrapper(BasicComponentRegistryImpl.java:505) > at org.infinispan.factories.impl.BasicComponentRegistryImpl$ComponentWrapper.running(BasicComponentRegistryImpl.java:711) > at org.infinispan.factories.AbstractComponentRegistry.internalStart(AbstractComponentRegistry.java:428) > at org.infinispan.factories.AbstractComponentRegistry.start(AbstractComponentRegistry.java:325) > at org.infinispan.factories.ComponentRegistry.start(ComponentRegistry.java:165) > at org.infinispan.cache.impl.CacheImpl.start(CacheImpl.java:1110) > at org.infinispan.cache.impl.AbstractDelegatingCache.start(AbstractDelegatingCache.java:511) > at org.infinispan.manager.DefaultCacheManager.wireAndStartCache(DefaultCacheManager.java:660) > at org.infinispan.manager.DefaultCacheManager.createCache(DefaultCacheManager.java:604) > at org.infinispan.manager.DefaultCacheManager.internalGetCache(DefaultCacheManager.java:487) > at org.infinispan.manager.DefaultCacheManager.getCache(DefaultCacheManager.java:440) > at org.jboss.as.clustering.infinispan.DefaultCacheContainer.getCache(DefaultCacheContainer.java:86) > at org.jboss.as.test.clustering.cluster.xsite.CacheAccessServlet.init(CacheAccessServlet.java:97) > at javax.servlet.GenericServlet.init(GenericServlet.java:180) > at io.undertow.servlet.core.LifecyleInterceptorInvocation.proceed(LifecyleInterceptorInvocation.java:117) > at org.wildfly.extension.undertow.security.RunAsLifecycleInterceptor.init(RunAsLifecycleInterceptor.java:78) > at io.undertow.servlet.core.LifecyleInterceptorInvocation.proceed(LifecyleInterceptorInvocation.java:103) > at io.undertow.servlet.core.ManagedServlet$DefaultInstanceStrategy.start(ManagedServlet.java:305) > at io.undertow.servlet.core.ManagedServlet.createServlet(ManagedServlet.java:145) > at io.undertow.servlet.core.DeploymentManagerImpl$2.call(DeploymentManagerImpl.java:585) > at io.undertow.servlet.core.DeploymentManagerImpl$2.call(DeploymentManagerImpl.java:556) > at io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:42) > at io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43) > at org.wildfly.extension.undertow.security.SecurityContextThreadSetupAction.lambda$create$0(SecurityContextThreadSetupAction.java:105) > at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1504) > at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1504) > at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1504) > at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1504) > at io.undertow.servlet.core.DeploymentManagerImpl.start(DeploymentManagerImpl.java:598) > at org.wildfly.extension.undertow.deployment.UndertowDeploymentService.startContext(UndertowDeploymentService.java:97) > at org.wildfly.extension.undertow.deployment.UndertowDeploymentService$1.run(UndertowDeploymentService.java:78) > ... 8 more > Caused by: org.infinispan.commons.CacheException: Unable to start cache loaders > at org.infinispan.persistence.manager.PersistenceManagerImpl.start(PersistenceManagerImpl.java:182) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) > at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > at java.lang.reflect.Method.invoke(Method.java:498) > at org.infinispan.commons.util.ReflectionUtil.invokeMethod(ReflectionUtil.java:188) > ... 51 more > Caused by: org.infinispan.persistence.spi.PersistenceException: ISPN000527: Maximum startup attempts exceeded for store org.infinispan.persistence.file.SingleFileStore > at org.infinispan.persistence.manager.PersistenceManagerImpl.startStore(PersistenceManagerImpl.java:1082) > at org.infinispan.persistence.manager.PersistenceManagerImpl.startWriter(PersistenceManagerImpl.java:1031) > at org.infinispan.persistence.manager.PersistenceManagerImpl.lambda$start$0(PersistenceManagerImpl.java:164) > at java.util.ArrayList.forEach(ArrayList.java:1257) > at org.infinispan.persistence.manager.PersistenceManagerImpl.start(PersistenceManagerImpl.java:164) > ... 56 more > Caused by: org.infinispan.persistence.spi.PersistenceException: java.security.AccessControlException: WFSM000001: Permission check failed (permission "("java.io.FilePermission" "/store/work/tc-work/bb15431f347cd651/testsuite/integration/clustering/target/wildfly-1/standalone/data/infinispan/web/dist.dat" "read")" in code source "(vfs:/content/XSiteSimpleTestCase.war/WEB-INF/classes <no signer certificates>)" of "ModuleClassLoader for Module "deployment.XSiteSimpleTestCase.war" from Service Module Loader") > at org.infinispan.persistence.file.SingleFileStore.start(SingleFileStore.java:136) > at org.infinispan.persistence.manager.PersistenceManagerImpl.lambda$startWriter$22(PersistenceManagerImpl.java:1039) > at org.infinispan.persistence.manager.PersistenceManagerImpl.startStore(PersistenceManagerImpl.java:1068) > ... 60 more > Caused by: java.security.AccessControlException: WFSM000001: Permission check failed (permission "("java.io.FilePermission" "/store/work/tc-work/bb15431f347cd651/testsuite/integration/clustering/target/wildfly-1/standalone/data/infinispan/web/dist.dat" "read")" in code source "(vfs:/content/XSiteSimpleTestCase.war/WEB-INF/classes <no signer certificates>)" of "ModuleClassLoader for Module "deployment.XSiteSimpleTestCase.war" from Service Module Loader") > at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:303) > at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:200) > at java.lang.SecurityManager.checkRead(SecurityManager.java:888) > at org.wildfly.security.manager.WildFlySecurityManager.checkRead(WildFlySecurityManager.java:368) > at java.io.File.exists(File.java:814) > at org.infinispan.persistence.file.SingleFileStore.start(SingleFileStore.java:109) > ... 62 more > {noformat} -- This message was sent by Atlassian Jira (v8.13.1#813001)

3 years, 2 months

1
0
0 / 0

[Red Hat JIRA] (ISPN-12731) Cache collections and streams ignore values added in current transaction

by Will Burns (Jira)

[ https://issues.redhat.com/browse/ISPN-12731?page=com.atlassian.jira.plugi... ] Will Burns updated ISPN-12731: ------------------------------ Fix Version/s: 13.0.0.Final Resolution: Done Status: Resolved (was: Pull Request Sent) > Cache collections and streams ignore values added in current transaction > ------------------------------------------------------------------------ > > Key: ISPN-12731 > URL: https://issues.redhat.com/browse/ISPN-12731 > Project: Infinispan > Issue Type: Bug > Components: Core, Streams > Affects Versions: 11.0.9.Final, 12.0.1.Final > Reporter: Dan Berindei > Assignee: Dan Berindei > Priority: Major > Fix For: 12.1.0.Final, 13.0.0.Final > > > This test fails, as the {{results}} list is empty: > {code:java} > public void testValuesIncludesEntriesNotYetCommitted() throws Exception { > Cache<Object, String> cache = cache(0, CACHE_NAME); > TransactionManager tm = tm(cache); > tm.begin(); > try { > Map<Object, String> values = putValueInEachCache(3); > List<String> results = new ArrayList<>(cache.values()); > assertEquals(values, results); > } finally { > tm.rollback(); > } > } > {code} -- This message was sent by Atlassian Jira (v8.13.1#813001)

3 years, 2 months

1
0
0 / 0

[Red Hat JIRA] (ISPN-12351) ImmutableListCopy makes too many copies

by Dan Berindei (Jira)

[ https://issues.redhat.com/browse/ISPN-12351?page=com.atlassian.jira.plugi... ] Dan Berindei closed ISPN-12351. ------------------------------- > ImmutableListCopy makes too many copies > --------------------------------------- > > Key: ISPN-12351 > URL: https://issues.redhat.com/browse/ISPN-12351 > Project: Infinispan > Issue Type: Bug > Components: Core > Affects Versions: 12.0.0.Dev03 > Reporter: Dan Berindei > Assignee: Dan Berindei > Priority: Minor > Fix For: 12.0.0.Final > > > An array copy is not needed when creating a new {{ImmutableListCopy}} instance from another {{ImmutableListCopy}}. > The constructor with 2 list parameters can also avoid one array allocation by pre-allocating the array, or by using one list's array when the other list is empty. -- This message was sent by Atlassian Jira (v8.13.1#813001)

3 years, 2 months

1
0
0 / 0

[Red Hat JIRA] (ISPN-12351) ImmutableListCopy makes too many copies

by Dan Berindei (Jira)

[ https://issues.redhat.com/browse/ISPN-12351?page=com.atlassian.jira.plugi... ] Dan Berindei updated ISPN-12351: -------------------------------- Fix Version/s: 12.0.0.Final (was: 12.1.0.Final) Resolution: Done Status: Resolved (was: Pull Request Sent) Fixed with ISPN-12221 > ImmutableListCopy makes too many copies > --------------------------------------- > > Key: ISPN-12351 > URL: https://issues.redhat.com/browse/ISPN-12351 > Project: Infinispan > Issue Type: Bug > Components: Core > Affects Versions: 12.0.0.Dev03 > Reporter: Dan Berindei > Assignee: Dan Berindei > Priority: Minor > Fix For: 12.0.0.Final > > > An array copy is not needed when creating a new {{ImmutableListCopy}} instance from another {{ImmutableListCopy}}. > The constructor with 2 list parameters can also avoid one array allocation by pre-allocating the array, or by using one list's array when the other list is empty. -- This message was sent by Atlassian Jira (v8.13.1#813001)

3 years, 2 months

1
0
0 / 0

[Red Hat JIRA] (ISPN-12693) Docs: Add tabbed extension and start cleaning up XML snippets

by Donald Naro (Jira)

[ https://issues.redhat.com/browse/ISPN-12693?page=com.atlassian.jira.plugi... ] Donald Naro updated ISPN-12693: ------------------------------- Summary: Docs: Add tabbed extension and start cleaning up XML snippets (was: Docs: Add tabbed extension and remove callouts from XML snippets) > Docs: Add tabbed extension and start cleaning up XML snippets > ------------------------------------------------------------- > > Key: ISPN-12693 > URL: https://issues.redhat.com/browse/ISPN-12693 > Project: Infinispan > Issue Type: Enhancement > Components: Documentation > Affects Versions: 12.0.0.Final > Reporter: Donald Naro > Assignee: Donald Naro > Priority: Major > > Add tabbed extension: https://github.com/bmuschko/asciidoctorj-tabbed-code-extension > Convert callouts in xml snippets to comment so we can convert to yaml. -- This message was sent by Atlassian Jira (v8.13.1#813001)

3 years, 2 months

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

infinispan-issues February 2021