May 2014 - jboss-jira - Jboss List Archives

[JBoss JIRA] (WFLY-3221) flushOnSessionInvalidation attribute in jboss-web.xml does not flush user credentials

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/WFLY-3221?page=com.atlassian.jira.plugin.... ] Darran Lofthouse commented on WFLY-3221: ---------------------------------------- It sounds like you have a good understanding of the problem and have spent some time understanding the code in this area, why not finish off your solution to make it generic and get a pull request sent over? That way we can get your changes incorporated in master. > flushOnSessionInvalidation attribute in jboss-web.xml does not flush user credentials > ------------------------------------------------------------------------------------- > > Key: WFLY-3221 > URL: https://issues.jboss.org/browse/WFLY-3221 > Project: WildFly > Issue Type: Bug > Security Level: Public(Everyone can see) > Components: Security > Affects Versions: 8.0.0.Final > Reporter: Jorge Marmolejo > Assignee: Darran Lofthouse > Priority: Critical > Fix For: 9.0.0.Alpha1 > > > The attribute flushOnSessionInvalidation does not flush the user credentials when the session is invalidated or when it times out. If the password or roles change for the user, the only way to get the new changes is by restarting the server. > I tried removing "cache-type=default" from the standalone-full.xml and it works, but for every action made on the site, the login method in the authentication module is called. -- This message was sent by Atlassian JIRA (v6.2.3#6260)

11 years, 5 months

1
0
0 / 0

[JBoss JIRA] (WFLY-3404) Major performance degradation from JBoss 7.1 to Wildfly 8.0.0-Final.

by jaikiran pai (JIRA)

[ https://issues.jboss.org/browse/WFLY-3404?page=com.atlassian.jira.plugin.... ] jaikiran pai commented on WFLY-3404: ------------------------------------ I think this was fixed in a later release as noted in https://community.jboss.org/message/862500#862500. Try the later releases from here http://wildfly.org/downloads/ > Major performance degradation from JBoss 7.1 to Wildfly 8.0.0-Final. > -------------------------------------------------------------------- > > Key: WFLY-3404 > URL: https://issues.jboss.org/browse/WFLY-3404 > Project: WildFly > Issue Type: Bug > Security Level: Public(Everyone can see) > Affects Versions: 8.0.0.Final > Reporter: Timothy Heider > Assignee: Jason Greene > > I have deployed my application to Wildfly 8.0.0 Final and it is almost unusable now. We have rolled back to JBoss 7.1 (same application WARs) and it works fine. > Specifically what seems to be slow is our SOAP web services are taking up to 8 to 10 seconds to respond. We have user concurrency of probably 10-30 users at once hitting these services every 10 seconds or so. > On JBoss 7.1 these services all respond sub-second. The database is totally unburdened and the server is 90% idle all the time. > We have one service endpoint that is a Comet queue wait call. Probably 10 users are waiting on that. Did something change between JBoss 7 and Wildfly 8 that might cause that to not work now? (e.g. too small a thread pool that blocks until the 10 second comet call breaks on a timeout?) > We will try 8.1.0CR2 but I wanted to report we're investigating this and see if you can help us. Thanks! -- This message was sent by Atlassian JIRA (v6.2.3#6260)

11 years, 5 months

1
0
0 / 0

[JBoss JIRA] (WFLY-3221) flushOnSessionInvalidation attribute in jboss-web.xml does not flush user credentials

by Pavel Kovalenko (JIRA)

[ https://issues.jboss.org/browse/WFLY-3221?page=com.atlassian.jira.plugin.... ] Pavel Kovalenko commented on WFLY-3221: --------------------------------------- I found this operation when I was exploring source code. But anyway it's not a good solution when roles changes frequently. > flushOnSessionInvalidation attribute in jboss-web.xml does not flush user credentials > ------------------------------------------------------------------------------------- > > Key: WFLY-3221 > URL: https://issues.jboss.org/browse/WFLY-3221 > Project: WildFly > Issue Type: Bug > Security Level: Public(Everyone can see) > Components: Security > Affects Versions: 8.0.0.Final > Reporter: Jorge Marmolejo > Assignee: Darran Lofthouse > Priority: Critical > Fix For: 9.0.0.Alpha1 > > > The attribute flushOnSessionInvalidation does not flush the user credentials when the session is invalidated or when it times out. If the password or roles change for the user, the only way to get the new changes is by restarting the server. > I tried removing "cache-type=default" from the standalone-full.xml and it works, but for every action made on the site, the login method in the authentication module is called. -- This message was sent by Atlassian JIRA (v6.2.3#6260)

11 years, 5 months

1
0
0 / 0

[JBoss JIRA] (WFLY-3221) flushOnSessionInvalidation attribute in jboss-web.xml does not flush user credentials

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/WFLY-3221?page=com.atlassian.jira.plugin.... ] Darran Lofthouse edited comment on WFLY-3221 at 5/30/14 8:32 AM: ----------------------------------------------------------------- There is no requirement to restart the server, the security domains contain a flush-cache operation that can be called to clear either the whole security domain or a selected principal from the cache. was (Author: dlofthouse): There is no requirement to restart the server, the security domains contain a flush-cache method that can be called to clear either the whole security domain or a selected principal from the cache. > flushOnSessionInvalidation attribute in jboss-web.xml does not flush user credentials > ------------------------------------------------------------------------------------- > > Key: WFLY-3221 > URL: https://issues.jboss.org/browse/WFLY-3221 > Project: WildFly > Issue Type: Bug > Security Level: Public(Everyone can see) > Components: Security > Affects Versions: 8.0.0.Final > Reporter: Jorge Marmolejo > Assignee: Darran Lofthouse > Priority: Critical > Fix For: 9.0.0.Alpha1 > > > The attribute flushOnSessionInvalidation does not flush the user credentials when the session is invalidated or when it times out. If the password or roles change for the user, the only way to get the new changes is by restarting the server. > I tried removing "cache-type=default" from the standalone-full.xml and it works, but for every action made on the site, the login method in the authentication module is called. -- This message was sent by Atlassian JIRA (v6.2.3#6260)

11 years, 5 months

1
0
0 / 0

[JBoss JIRA] (WFLY-3221) flushOnSessionInvalidation attribute in jboss-web.xml does not flush user credentials

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/WFLY-3221?page=com.atlassian.jira.plugin.... ] Darran Lofthouse commented on WFLY-3221: ---------------------------------------- There is no requirement to restart the server, the security domains contain a flush-cache method that can be called to clear either the whole security domain or a selected principal from the cache. > flushOnSessionInvalidation attribute in jboss-web.xml does not flush user credentials > ------------------------------------------------------------------------------------- > > Key: WFLY-3221 > URL: https://issues.jboss.org/browse/WFLY-3221 > Project: WildFly > Issue Type: Bug > Security Level: Public(Everyone can see) > Components: Security > Affects Versions: 8.0.0.Final > Reporter: Jorge Marmolejo > Assignee: Darran Lofthouse > Priority: Critical > Fix For: 9.0.0.Alpha1 > > > The attribute flushOnSessionInvalidation does not flush the user credentials when the session is invalidated or when it times out. If the password or roles change for the user, the only way to get the new changes is by restarting the server. > I tried removing "cache-type=default" from the standalone-full.xml and it works, but for every action made on the site, the login method in the authentication module is called. -- This message was sent by Atlassian JIRA (v6.2.3#6260)

11 years, 5 months

1
0
0 / 0

[JBoss JIRA] (DROOLS-479) Pseudo Clock doesn't work for 2 not statements

by Davide Sottara (JIRA)

[ https://issues.jboss.org/browse/DROOLS-479?page=com.atlassian.jira.plugin... ] Davide Sottara commented on DROOLS-479: --------------------------------------- Please see my comments on the pull request > Pseudo Clock doesn't work for 2 not statements > ---------------------------------------------- > > Key: DROOLS-479 > URL: https://issues.jboss.org/browse/DROOLS-479 > Project: Drools > Issue Type: Bug > Security Level: Public(Everyone can see) > Affects Versions: 6.0.1.Final, 6.1.0.Beta3 > Environment: linux 14.04 > Reporter: Richard Ambridge > Assignee: Mark Proctor > Labels: pseudoclock > > If a rule (event) has the following: > + "when\n" > + " $s : Cheese(type==\"stinky\")\n" > + " not( Cheese(type==\"a\", this after [0s,3s] $s ) )\n" > + " not( Cheese(type==\"b\", this after [0s,5s] $s ) )\n" //2 * not > and pseudo clock is used, the rule doesn't fire. > If realtime clock is used, the rule works. -- This message was sent by Atlassian JIRA (v6.2.3#6260)

11 years, 5 months

1
0
0 / 0

[JBoss JIRA] (WFLY-3221) flushOnSessionInvalidation attribute in jboss-web.xml does not flush user credentials

by Pavel Kovalenko (JIRA)

[ https://issues.jboss.org/browse/WFLY-3221?page=com.atlassian.jira.plugin.... ] Pavel Kovalenko commented on WFLY-3221: --------------------------------------- Hi guys. I think it's very critical bug and must be resolved as fast as possible. E.g. in my application I use LDAP and roles changes very often, so I can't reboot server after every change. I was hoping that it will fix in 8.1.0.Final and after I noticed that fix version was changed to 9.0.0.Aplha I was frustrated. I realized that I could not wait any longer and after exploring Wildfly source code I found solution for this problem. Next 2 classes flushes credentials after session destroying. {code:title=CredentialsCatchFilter.java|borderStyle=solid} @WebFilter(urlPatterns = "*") public class CredentialsCatchFilter implements Filter { @Override public void init(FilterConfig filterConfig) throws ServletException { } public void doFilter(ServletRequest request, ServletResponse response, FilterChain next) throws IOException, ServletException { if (request instanceof HttpServletRequest) { HttpServletRequest httpServletRequest = (HttpServletRequest) request; if (httpServletRequest.getSession().getAttribute("principal") == null && httpServletRequest.getUserPrincipal() != null) { httpServletRequest.getSession().setAttribute("principal", httpServletRequest.getUserPrincipal()); } } next.doFilter(request, response); } @Override public void destroy() { } } {code} {code:title=FlushCredentialsListener.java|borderStyle=solid} @WebListener public class FlushCredentialsListener implements HttpSessionListener { @Resource(name = "java:jboss/jaas/ldap/authenticationMgr") private CacheableManager<?, Principal> authenticationManager; @Override public void sessionCreated(HttpSessionEvent httpSessionEvent) { } @Override public void sessionDestroyed(HttpSessionEvent httpSessionEvent) { Principal principal = (Principal) httpSessionEvent.getSession().getAttribute("principal"); if (principal != null) authenticationManager.flushCache(principal); } } {code} *Note:* In Resource annotation use your security domain name instead of "ldap". Hope, it will help developers to temporarily resolve this problem before official fix. > flushOnSessionInvalidation attribute in jboss-web.xml does not flush user credentials > ------------------------------------------------------------------------------------- > > Key: WFLY-3221 > URL: https://issues.jboss.org/browse/WFLY-3221 > Project: WildFly > Issue Type: Bug > Security Level: Public(Everyone can see) > Components: Security > Affects Versions: 8.0.0.Final > Reporter: Jorge Marmolejo > Assignee: Darran Lofthouse > Priority: Critical > Fix For: 9.0.0.Alpha1 > > > The attribute flushOnSessionInvalidation does not flush the user credentials when the session is invalidated or when it times out. If the password or roles change for the user, the only way to get the new changes is by restarting the server. > I tried removing "cache-type=default" from the standalone-full.xml and it works, but for every action made on the site, the login method in the authentication module is called. -- This message was sent by Atlassian JIRA (v6.2.3#6260)

11 years, 5 months

1
0
0 / 0

[JBoss JIRA] (WFLY-3408) { : } syntax is not explained

by jaikiran pai (JIRA)

[ https://issues.jboss.org/browse/WFLY-3408?page=com.atlassian.jira.plugin.... ] jaikiran pai commented on WFLY-3408: ------------------------------------ The syntax is as follows: {code} ${SomeSystemPropertyName:defaultValue} {code} You then set the system property SomeSystemPropertyName (typically) by passing it to the startup script: {code} ./standalone.sh -DSomeSystemPropertyName=foo {code} If it isn't set then the default value which follows the : will be used as the value for the element/attribute which uses that expression. > { : } syntax is not explained > ----------------------------- > > Key: WFLY-3408 > URL: https://issues.jboss.org/browse/WFLY-3408 > Project: WildFly > Issue Type: Documentation > Security Level: Public(Everyone can see) > Components: Documentation > Environment: https://docs.jboss.org/author/display/WFLY8/Admin+Guide#AdminGuide-Interf... > Reporter: Steve Fisher > Assignee: Tom Wells > > The { : } syntax which is used in the provided standalone-full.xml - for example - > <inet-address value="${jboss.bind.address.management:127.0.0.1}"/> > does not appear to be explained. I guess I can set jboss.bind.address.management somewhere to change the default value. -- This message was sent by Atlassian JIRA (v6.2.3#6260)

11 years, 5 months

1
0
0 / 0

[JBoss JIRA] (WFLY-3418) deployed applications are not distributed to host controller(s)

by Kabir Khan (JIRA)

[ https://issues.jboss.org/browse/WFLY-3418?page=com.atlassian.jira.plugin.... ] Kabir Khan commented on WFLY-3418: ---------------------------------- {quote} >we would need to reintroduce the 'old way' for slaves which are backups. correct But the DC should not push deployments (when a user deploys an app) to non-backup HC's which don't need them either. {quote} Yes, that's what I meant. old/aggressive way to backup HCs, new/lazy way to non-backup HCs. Sounds like we agree :-) > deployed applications are not distributed to host controller(s) > --------------------------------------------------------------- > > Key: WFLY-3418 > URL: https://issues.jboss.org/browse/WFLY-3418 > Project: WildFly > Issue Type: Bug > Security Level: Public(Everyone can see) > Components: Domain Management > Affects Versions: 8.1.0.CR2 > Environment: Wildfly 8.1.0 CR5 domain mode > Reporter: Tom Fonteyne > Assignee: Brian Stansberry > > when a new HC is brought up into an existing DC/HC environment, it does not receive a copy of all deployed applications (e.g. the "content" folder) -- This message was sent by Atlassian JIRA (v6.2.3#6260)

11 years, 5 months

1
0
0 / 0

[JBoss JIRA] (WFLY-3418) deployed applications are not distributed to host controller(s)

by Tom Fonteyne (JIRA)

[ https://issues.jboss.org/browse/WFLY-3418?page=com.atlassian.jira.plugin.... ] Tom Fonteyne commented on WFLY-3418: ------------------------------------ It's bi-fold really: >we would need to reintroduce the 'old way' for slaves which are backups. correct But the DC should not push deployments (when a user deploys an app) to non-backup HC's which don't need them either. > deployed applications are not distributed to host controller(s) > --------------------------------------------------------------- > > Key: WFLY-3418 > URL: https://issues.jboss.org/browse/WFLY-3418 > Project: WildFly > Issue Type: Bug > Security Level: Public(Everyone can see) > Components: Domain Management > Affects Versions: 8.1.0.CR2 > Environment: Wildfly 8.1.0 CR5 domain mode > Reporter: Tom Fonteyne > Assignee: Brian Stansberry > > when a new HC is brought up into an existing DC/HC environment, it does not receive a copy of all deployed applications (e.g. the "content" folder) -- This message was sent by Atlassian JIRA (v6.2.3#6260)

11 years, 5 months

1
0
0 / 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira May 2014