January 2016 - jboss-jira - Jboss List Archives

[JBoss JIRA] (WFLY-5484) Calling HttpServletRequest.logout() with single sign-on enabled only works every second time

by Paul Ferraro (JIRA)

[ https://issues.jboss.org/browse/WFLY-5484?page=com.atlassian.jira.plugin.... ] Paul Ferraro commented on WFLY-5484: ------------------------------------ [~swd847] Can you have a look at this? It appears that the initial HttpServletRequest.logout() does not triggering the requisite SecurityNotification that triggers invalidation of the SSO (i.e. via the notification listener registered during authentication). > Calling HttpServletRequest.logout() with single sign-on enabled only works every second time > -------------------------------------------------------------------------------------------- > > Key: WFLY-5484 > URL: https://issues.jboss.org/browse/WFLY-5484 > Project: WildFly > Issue Type: Bug > Components: Clustering, Web (Undertow) > Reporter: Richard Janík > Assignee: Paul Ferraro > Priority: Blocker > Fix For: 10.0.0.CR5 > > Attachments: reproducer-jbeap-1282.zip > > > See "Steps to Reproduce". Logging out from an application only works every second time, e.g. HttpRequestServlet.logout() has to be called twice in order to have any effect > This doesn't occur without <single-sign-on/> enabled - logout() has the expected effect. The issue is security related, thus I'm adding our security team members as watchers. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

9 years, 10 months

1
0
0 / 0

[JBoss JIRA] (WFLY-5473) Session.invalidate() does not invalidate SSO context for non-distributable applications

by Paul Ferraro (JIRA)

[ https://issues.jboss.org/browse/WFLY-5473?page=com.atlassian.jira.plugin.... ] Paul Ferraro closed WFLY-5473. ------------------------------ Resolution: Cannot Reproduce Bug [~rjanik] I was not able to reproduce the issue against WF master using the steps provided in https://issues.jboss.org/browse/WFLY-5473?focusedCommentId=13144859&page=... Whenever I invalidate a non-distributed session, I see in the logs that the associated SSO is removed. Any subsequent requests using the same SSO are forced to reauthenticate, since the associated SSO is no longer valid. > Session.invalidate() does not invalidate SSO context for non-distributable applications > --------------------------------------------------------------------------------------- > > Key: WFLY-5473 > URL: https://issues.jboss.org/browse/WFLY-5473 > Project: WildFly > Issue Type: Bug > Components: Clustering, Web (Undertow) > Reporter: Richard Janík > Assignee: Paul Ferraro > Priority: Blocker > Fix For: 10.0.0.Final > > Attachments: reproducer.zip > > > See "Steps to Reproduce" for detailed description. > According to my limited knowledge, this was also the core issue in https://bugzilla.redhat.com/show_bug.cgi?id=924456 which has been dispatched as a one-off to a customer. Thus, I'm setting the priority to blocker as this is a regression against 6.4.x. No exceptions have been observed in the server output however. > Adding Clustering component as I've been trying this with standalone-ha.xml and BZ 924456 relates to clustering. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

9 years, 10 months

1
0
0 / 0

[JBoss JIRA] (WFLY-5951) pending-puts cache configuration is not started by the JPA subsystem

by Scott Marlow (JIRA)

[ https://issues.jboss.org/browse/WFLY-5951?page=com.atlassian.jira.plugin.... ] Scott Marlow commented on WFLY-5951: ------------------------------------ Example persistence unit {quote} <persistence-unit name="primary"> <jta-data-source>java:jboss/datasources/Hibernate4QuickstartDS</jta-data-source> <shared-cache-mode>ENABLE_SELECTIVE</shared-cache-mode> <class>org.jboss.as.quickstart.hibernate4.model.Member</class> <exclude-unlisted-classes>true</exclude-unlisted-classes> <properties> <property name="hibernate.cache.use_second_level_cache" value="true"/> <property name="hibernate.cache.use_query_cache" value="true"/> <property name="hibernate.cache.infinispan.immutable-entity.cfg" value="immutable-entity"/> <property name="hibernate.cache.infinispan.timestamps.cfg" value="timestamps"/> <property name="hibernate.cache.infinispan.pending-puts.cfg" value="pending-puts"/> </properties> </persistence-unit> {quote} > pending-puts cache configuration is not started by the JPA subsystem > -------------------------------------------------------------------- > > Key: WFLY-5951 > URL: https://issues.jboss.org/browse/WFLY-5951 > Project: WildFly > Issue Type: Bug > Components: JPA / Hibernate > Reporter: Paul Ferraro > Assignee: Scott Marlow > Fix For: 10.0.0.Final > > -- This message was sent by Atlassian JIRA (v6.4.11#64026)

9 years, 10 months

1
0
0 / 0

[JBoss JIRA] (WFLY-5473) Session.invalidate() does not invalidate SSO context for non-distributable applications

by Paul Ferraro (JIRA)

[ https://issues.jboss.org/browse/WFLY-5473?page=com.atlassian.jira.plugin.... ] Paul Ferraro edited comment on WFLY-5473 at 1/7/16 12:00 PM: ------------------------------------------------------------- My suspicion is that there is a bug in undertow's security context implementation causing both this issue and WFLY-5484 - as it appears that the initial logout is not correctly triggering the requisite SecurityNotification callback which performs the SSO invalidation. I will keep investigating, but would like [~swd847] to have a look as well. was (Author: pferraro): My suspicion is that there is a bug in undertow's security context implementation causing both this issue and WFLY-5484 - as it appears that the initial logout is not correctly triggering the requisite SecurityNotification(LOGGED_OUT). > Session.invalidate() does not invalidate SSO context for non-distributable applications > --------------------------------------------------------------------------------------- > > Key: WFLY-5473 > URL: https://issues.jboss.org/browse/WFLY-5473 > Project: WildFly > Issue Type: Bug > Components: Clustering, Web (Undertow) > Reporter: Richard Janík > Assignee: Paul Ferraro > Priority: Blocker > Fix For: 10.0.0.Final > > Attachments: reproducer.zip > > > See "Steps to Reproduce" for detailed description. > According to my limited knowledge, this was also the core issue in https://bugzilla.redhat.com/show_bug.cgi?id=924456 which has been dispatched as a one-off to a customer. Thus, I'm setting the priority to blocker as this is a regression against 6.4.x. No exceptions have been observed in the server output however. > Adding Clustering component as I've been trying this with standalone-ha.xml and BZ 924456 relates to clustering. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

9 years, 10 months

1
0
0 / 0

[JBoss JIRA] (WFLY-5473) Session.invalidate() does not invalidate SSO context for non-distributable applications

by Paul Ferraro (JIRA)

[ https://issues.jboss.org/browse/WFLY-5473?page=com.atlassian.jira.plugin.... ] Paul Ferraro commented on WFLY-5473: ------------------------------------ My suspicion is that there is a bug in undertow's security context implementation causing both this issue and WFLY-5484 - as it appears that the initial logout is not correctly triggering the requisite SecurityNotification(LOGGED_OUT). > Session.invalidate() does not invalidate SSO context for non-distributable applications > --------------------------------------------------------------------------------------- > > Key: WFLY-5473 > URL: https://issues.jboss.org/browse/WFLY-5473 > Project: WildFly > Issue Type: Bug > Components: Clustering, Web (Undertow) > Reporter: Richard Janík > Assignee: Paul Ferraro > Priority: Blocker > Fix For: 10.0.0.Final > > Attachments: reproducer.zip > > > See "Steps to Reproduce" for detailed description. > According to my limited knowledge, this was also the core issue in https://bugzilla.redhat.com/show_bug.cgi?id=924456 which has been dispatched as a one-off to a customer. Thus, I'm setting the priority to blocker as this is a regression against 6.4.x. No exceptions have been observed in the server output however. > Adding Clustering component as I've been trying this with standalone-ha.xml and BZ 924456 relates to clustering. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

9 years, 10 months

1
0
0 / 0

[JBoss JIRA] (ELY-402) A wrapper KeyStore that can filter by alias

by Darran Lofthouse (JIRA)

Darran Lofthouse created ELY-402: ------------------------------------ Summary: A wrapper KeyStore that can filter by alias Key: ELY-402 URL: https://issues.jboss.org/browse/ELY-402 Project: WildFly Elytron Issue Type: Feature Request Components: SSL Reporter: Darran Lofthouse Fix For: 1.1.0.Beta4 A common request is that when a server is configured for SSL the alias to use from the KeyStore can be specified - this can be a little short sighted as a huge advantage of multiple entries in a single KeyStore is that different entries can be used depending on the selected cipher suite. A better option may be to add alias filtering so a wrapper KeyStore can still make a number of underlying entries available. Alias filtering is better handled at the KeyStore level as the KeyManager should be performing additional checks to ensure the keys and signatures are compatible with the current cipher suite. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

9 years, 10 months

1
0
0 / 0

[JBoss JIRA] (WFLY-5473) Session.invalidate() does not invalidate SSO context for non-distributable applications

by Paul Ferraro (JIRA)

[ https://issues.jboss.org/browse/WFLY-5473?page=com.atlassian.jira.plugin.... ] Paul Ferraro commented on WFLY-5473: ------------------------------------ [~dimitris] I'll be looking into this issue today and tomorrow. Our testsuite is missing a test that validates this specific behavior for a non-distributed web application using the distributed SSO implementation. However, I'm a bit surprised, given that the logic responsible for invalidating SSO context following session invalidation is common for both distributed and non-distributed web applications. > Session.invalidate() does not invalidate SSO context for non-distributable applications > --------------------------------------------------------------------------------------- > > Key: WFLY-5473 > URL: https://issues.jboss.org/browse/WFLY-5473 > Project: WildFly > Issue Type: Bug > Components: Clustering, Web (Undertow) > Reporter: Richard Janík > Assignee: Paul Ferraro > Priority: Blocker > Fix For: 10.0.0.Final > > Attachments: reproducer.zip > > > See "Steps to Reproduce" for detailed description. > According to my limited knowledge, this was also the core issue in https://bugzilla.redhat.com/show_bug.cgi?id=924456 which has been dispatched as a one-off to a customer. Thus, I'm setting the priority to blocker as this is a regression against 6.4.x. No exceptions have been observed in the server output however. > Adding Clustering component as I've been trying this with standalone-ha.xml and BZ 924456 relates to clustering. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

9 years, 10 months

1
0
0 / 0

[JBoss JIRA] (WFLY-5850) Can't deploy an EJB to a WildFly 10 server migrated from EAP 6.4

by Eduardo Martins (JIRA)

[ https://issues.jboss.org/browse/WFLY-5850?page=com.atlassian.jira.plugin.... ] Eduardo Martins commented on WFLY-5850: --------------------------------------- The bean-validation subsystem is missing in the config. > Can't deploy an EJB to a WildFly 10 server migrated from EAP 6.4 > ---------------------------------------------------------------- > > Key: WFLY-5850 > URL: https://issues.jboss.org/browse/WFLY-5850 > Project: WildFly > Issue Type: Bug > Components: EJB > Reporter: Ladislav Thon > Assignee: Jason Greene > Priority: Critical > > I just tried to migrate a {{standalone.xml}} server from clean EAP 6.4.0 to WildFly 10.0.0.CR4 and then deploy the {{server-side}} part of the {{ejb-remote}} quickstart: > {code} > git clone git@github.com:jboss-developer/jboss-eap-quickstarts.git > cd jboss-eap-quickstarts/ > git checkout -b 6.4.x origin/6.4.x > cd ejb-remote/server-side/ > mvn clean package -s ../../settings.xml > cd target > unzip .../jboss-eap-6.4.0.zip > unzip .../wildfly-10.0.0.CR4.zip > cp jboss-eap-6.4/standalone/configuration/standalone.xml wildfly-10.0.0.CR4/standalone/configuration/test.xml > ./wildfly-10.0.0.CR4/bin/standalone.sh -c test.xml --admin-only > # on a separate console > ./wildfly-10.0.0.CR4/bin/jboss-cli.sh -c --controller=localhost:9999 > /subsystem=threads:remove > /extension=org.jboss.as.threads:remove > /subsystem=web:migrate > shutdown > # on the original console > cp jboss-ejb-remote-server-side.jar wildfly-10.0.0.CR4/standalone/deployments/ > ./wildfly-10.0.0.CR4/bin/standalone.sh -c test.xml > {code} > What I get is this horrible stack trace: > {code} > 15:35:50,913 ERROR [org.jboss.msc.service.fail] (MSC service thread 1-2) MSC000001: Failed to start service jboss.deployment.unit."jboss-ejb-remote-server-side.jar".POST_MODULE: org.jboss.msc.service.StartException in service jboss.deployment.unit."jboss-ejb-remote-server-side.jar".POST_MODULE: WFLYSRV0153: Failed to process phase POST_MODULE of deployment "jboss-ejb-remote-server-side.jar" > at org.jboss.as.server.deployment.DeploymentUnitPhaseService.start(DeploymentUnitPhaseService.java:154) [wildfly-server-2.0.0.CR8.jar:2.0.0.CR8] > at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1948) [jboss-msc-1.2.6.Final.jar:1.2.6.Final] > at org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1881) [jboss-msc-1.2.6.Final.jar:1.2.6.Final] > at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [rt.jar:1.8.0_66] > at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [rt.jar:1.8.0_66] > at java.lang.Thread.run(Thread.java:745) [rt.jar:1.8.0_66] > Caused by: javax.validation.ValidationException: Unable to create a Configuration, because no Bean Validation provider could be found. Add a provider like Hibernate Validator (RI) to your classpath. > at javax.validation.Validation$GenericBootstrapImpl.configure(Validation.java:271) > at org.hibernate.validator.internal.cdi.ValidationExtension.<init>(ValidationExtension.java:109) > at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) [rt.jar:1.8.0_66] > at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62) [rt.jar:1.8.0_66] > at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45) [rt.jar:1.8.0_66] > at java.lang.reflect.Constructor.newInstance(Constructor.java:422) [rt.jar:1.8.0_66] > at java.lang.Class.newInstance(Class.java:442) [rt.jar:1.8.0_66] > at org.jboss.as.weld.deployment.WeldPortableExtensions.tryRegisterExtension(WeldPortableExtensions.java:53) > at org.jboss.as.weld.deployment.processors.WeldPortableExtensionProcessor.loadAttachments(WeldPortableExtensionProcessor.java:121) > at org.jboss.as.weld.deployment.processors.WeldPortableExtensionProcessor.deploy(WeldPortableExtensionProcessor.java:81) > at org.jboss.as.server.deployment.DeploymentUnitPhaseService.start(DeploymentUnitPhaseService.java:147) [wildfly-server-2.0.0.CR8.jar:2.0.0.CR8] > ... 5 more > 15:35:50,921 ERROR [org.jboss.as.controller.management-operation] (Controller Boot Thread) WFLYCTL0013: Operation ("deploy") failed - address: ([("deployment" => "jboss-ejb-remote-server-side.jar")]) - failure description: {"WFLYCTL0080: Failed services" => {"jboss.deployment.unit.\"jboss-ejb-remote-server-side.jar\".POST_MODULE" => "org.jboss.msc.service.StartException in service jboss.deployment.unit.\"jboss-ejb-remote-server-side.jar\".POST_MODULE: WFLYSRV0153: Failed to process phase POST_MODULE of deployment \"jboss-ejb-remote-server-side.jar\" > Caused by: javax.validation.ValidationException: Unable to create a Configuration, because no Bean Validation provider could be found. Add a provider like Hibernate Validator (RI) to your classpath."}} > {code} > When I deploy the same JAR to a clean install of WildFly 10.0.0.CR4, it works just fine. This suggests that something (probably the EJB subsystem?) doesn't correctly parse/serialize the legacy configuration. Or something like that. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

9 years, 10 months

1
0
0 / 0

[JBoss JIRA] (WFLY-5951) pending-puts cache configuration is not started by the JPA subsystem

by Scott Marlow (JIRA)

[ https://issues.jboss.org/browse/WFLY-5951?page=com.atlassian.jira.plugin.... ] Scott Marlow commented on WFLY-5951: ------------------------------------ I have a potential change for this, I'll reassign to me and create a pr. > pending-puts cache configuration is not started by the JPA subsystem > -------------------------------------------------------------------- > > Key: WFLY-5951 > URL: https://issues.jboss.org/browse/WFLY-5951 > Project: WildFly > Issue Type: Bug > Components: JPA / Hibernate > Reporter: Paul Ferraro > Assignee: Paul Ferraro > Fix For: 10.0.0.Final > > -- This message was sent by Atlassian JIRA (v6.4.11#64026)

9 years, 10 months

1
0
0 / 0

[JBoss JIRA] (WFLY-5951) pending-puts cache configuration is not started by the JPA subsystem

by Scott Marlow (JIRA)

[ https://issues.jboss.org/browse/WFLY-5951?page=com.atlassian.jira.plugin.... ] Scott Marlow reassigned WFLY-5951: ---------------------------------- Assignee: Scott Marlow (was: Paul Ferraro) > pending-puts cache configuration is not started by the JPA subsystem > -------------------------------------------------------------------- > > Key: WFLY-5951 > URL: https://issues.jboss.org/browse/WFLY-5951 > Project: WildFly > Issue Type: Bug > Components: JPA / Hibernate > Reporter: Paul Ferraro > Assignee: Scott Marlow > Fix For: 10.0.0.Final > > -- This message was sent by Atlassian JIRA (v6.4.11#64026)

9 years, 10 months

1
0
0 / 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira January 2016