[JBoss JIRA] (WFLY-7843) Initial context factory is not able to be set in Elytron dir-context
by Ondrej Lukas (JIRA)
Ondrej Lukas created WFLY-7843:
----------------------------------
Summary: Initial context factory is not able to be set in Elytron dir-context
Key: WFLY-7843
URL: https://issues.jboss.org/browse/WFLY-7843
Project: WildFly
Issue Type: Bug
Components: Security
Reporter: Ondrej Lukas
Assignee: Darran Lofthouse
Priority: Critical
Elytron subsystem does not allow to configure custom Initial context factory for dir-context.
Elytron {{org.wildfly.security.auth.realm.ldapSimpleDirContextFactoryBuilder}} includes setter for field {{initialContextFactory}}, but integration for Elytron subsystem is missing. This means that default value {{com.sun.jndi.ldap.LdapCtxFactory}} is always used by Application server.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
8 years, 11 months
[JBoss JIRA] (WFLY-7841) ManagedScheduledExecutorService could not find EntityManager produced by CDI producer. No active context.
by Tibor Digana (JIRA)
[ https://issues.jboss.org/browse/WFLY-7841?page=com.atlassian.jira.plugin.... ]
Tibor Digana commented on WFLY-7841:
------------------------------------
Yes, I will extract the code.
> ManagedScheduledExecutorService could not find EntityManager produced by CDI producer. No active context.
> ---------------------------------------------------------------------------------------------------------
>
> Key: WFLY-7841
> URL: https://issues.jboss.org/browse/WFLY-7841
> Project: WildFly
> Issue Type: Bug
> Components: CDI / Weld
> Affects Versions: 10.0.0.Final
> Reporter: Tibor Digana
> Assignee: Stuart Douglas
>
> The problem is that _EntityManager_ does not have managed delegate within a job executed by _ManagedScheduledExecutorService#scheduleAtFixedRate()_.
> The _EntityManager_ is produced by CDI producer and entire web application is able to work with injected _EntityManager_ except for the jobs.
> I tried to schedule executing the job in two ways and both finished with same issue (No managed context in _EntityManager_) :
> * _@ApplicationScoped_ job instance was passed to executor from caller.
> * The job was changed to _RequestScoped_ and _ContextProxy#createContextualProxy()_ created the Job bean instance and then I called _scheduleAtFixedRate(job, 5, 60, SECONDS)_
> It looks to me that _javax.enterprise.concurrent_ has a different _BeanManager_ and therefore has no notion about my CDI Producer of _EntityManager_. The producer is regular producer of _EntityManager_ in JavaEE.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
8 years, 11 months
[JBoss JIRA] (WFLY-7842) Security-Realm Authorization over LDAP doesn't permit multiple Attribute names as filter.
by Daniel Draper (JIRA)
Daniel Draper created WFLY-7842:
-----------------------------------
Summary: Security-Realm Authorization over LDAP doesn't permit multiple Attribute names as filter.
Key: WFLY-7842
URL: https://issues.jboss.org/browse/WFLY-7842
Project: WildFly
Issue Type: Bug
Environment: CentOS release 6.8 (Final)
JBoss Admin Command-line Interface
JBOSS_HOME: /opt/wildfly/10.1.0
JBoss AS release: 2.2.0.Final "Kenny"
JBoss AS product: WildFly Full 10.1.0.Final
JAVA_HOME: null
java.version: 1.8.0_40
java.vm.vendor: Oracle Corporation
java.vm.version: 25.40-b25
os.name: Linux
os.version: 4.6.3-1.el6.elrepo.x86_64
Reporter: Daniel Draper
Assignee: Jason Greene
When hooking up our Wildfly Application to our SSO (CAS) for authentication and delegating Authorization to a Security Realm and then using LDAP we ran into the following problem:
*Use Case*
We want to use authorization inside a Security-Realm through LDAP.
In our LDAP setup we have a Group-To-Principal matching of the form "_member=uid=x" OR "submember=uid=x_" depending on if the user was added manually or through an autodomain.
Unfortunately as far as we could tell using two attributes in the Polish Notation (as is required by [LDAP|https://ldapwiki.com/wiki/LDAP%20filters%20Syntax%20and%20Choices]) seems to be impossible for the wildfly configuration. We tried the following in the standalone-accounting.xml (in different iterations and ways to place the parenthesis) which all lead to an 'unbalanced Parenthesis' or similar error when starting up wildfly.
{code:xml}
<management>
<security-realms>
<security-realm name="bla">
<authorization>
<ldap connection="ldap">
<username-to-dn>
<username-is-dn/>
</username-to-dn>
<group-search group-name="SIMPLE" iterative="false" group-dn-attribute="cn" group-name-attribute="cn">
<group-to-principal search-by="SIMPLE" base-dn="ou=roles,***" recursive="false">
<membership-filter principal-attribute="|(submember=uid={0})(member=uid={0})"/>
</group-to-principal>
</group-search>
</ldap>
</authorization>
</security-realm>
</security-realms>
</management>
{code}
We then found the filterString is parsed the following way: (See [LdapGroupSearcherFactory#L115|https://github.com/wildfly/wildfly-core/blo...])
{code:java}
this.filterString = String.format("(%s={0})", principalAttribute);
{code}
which seems to make multiple attribute names as a filter impossible, which makes our use case as above impossible.
Asked in [Forums|https://developer.jboss.org/thread/273435], but since I didn't get any answers for 3 weeks opening here.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
8 years, 11 months
[JBoss JIRA] (WFLY-7841) ManagedScheduledExecutorService could not find EntityManager produced by CDI producer. No active context.
by Tomas Remes (JIRA)
[ https://issues.jboss.org/browse/WFLY-7841?page=com.atlassian.jira.plugin.... ]
Tomas Remes commented on WFLY-7841:
-----------------------------------
[~tibor17] Can you please provide simple reproducer and exception stacktrace?
> ManagedScheduledExecutorService could not find EntityManager produced by CDI producer. No active context.
> ---------------------------------------------------------------------------------------------------------
>
> Key: WFLY-7841
> URL: https://issues.jboss.org/browse/WFLY-7841
> Project: WildFly
> Issue Type: Bug
> Components: CDI / Weld
> Affects Versions: 10.0.0.Final
> Reporter: Tibor Digana
> Assignee: Stuart Douglas
>
> The problem is that _EntityManager_ does not have managed delegate within a job executed by _ManagedScheduledExecutorService#scheduleAtFixedRate()_.
> The _EntityManager_ is produced by CDI producer and entire web application is able to work with injected _EntityManager_ except for the jobs.
> I tried to schedule executing the job in two ways and both finished with same issue (No managed context in _EntityManager_) :
> * _@ApplicationScoped_ job instance was passed to executor from caller.
> * The job was changed to _RequestScoped_ and _ContextProxy#createContextualProxy()_ created the Job bean instance and then I called _scheduleAtFixedRate(job, 5, 60, SECONDS)_
> It looks to me that _javax.enterprise.concurrent_ has a different _BeanManager_ and therefore has no notion about my CDI Producer of _EntityManager_. The producer is regular producer of _EntityManager_ in JavaEE.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
8 years, 11 months
[JBoss JIRA] (WFLY-7841) ManagedScheduledExecutorService could not find EntityManager produced by CDI producer. No active context.
by Tibor Digana (JIRA)
[ https://issues.jboss.org/browse/WFLY-7841?page=com.atlassian.jira.plugin.... ]
Tibor Digana updated WFLY-7841:
-------------------------------
Description:
The problem is that _EntityManager_ does not have managed delegate within a job executed by _ManagedScheduledExecutorService#scheduleAtFixedRate()_.
The _EntityManager_ is produced by CDI producer and entire web application is able to work with injected _EntityManager_ except for the jobs.
I tried to schedule executing the job in two ways and both finished with same issue (No managed context in _EntityManager_) :
* _@ApplicationScoped_ job instance was passed to executor from caller.
* The job was changed to _RequestScoped_ and _ContextProxy#createContextualProxy()_ created the Job bean instance and then I called _scheduleAtFixedRate(job, 5, 60, SECONDS)_
It looks to me that _javax.enterprise.concurrent_ has a different _BeanManager_ and therefore has no notion about my CDI Producer of _EntityManager_. The producer is regular producer of _EntityManager_ in JavaEE.
was:
The problem is that _EntityManager_ does not have managed delegate within a job executed by _ManagedScheduledExecutorService_.
The _EntityManager_ is produced by CDI producer and entire web application is able to work with injected _EntityManager_ except for the jobs.
I tried to schedule executing the job in two ways and both finished with same issue (No managed context in _EntityManager_) :
* _@ApplicationScoped_ job instance was passed to executor from caller.
* The job was changed to _RequestScoped_ and _ContextProxy#createContextualProxy()_ created the Job bean instance
It looks to me that javax.enterprise.concurrent has a different _BeanManager_ and therefore has no notion about my CDI Producer of _EntityManager_. The producer is regular producer of _EntityManager_ in JavaEE.
> ManagedScheduledExecutorService could not find EntityManager produced by CDI producer. No active context.
> ---------------------------------------------------------------------------------------------------------
>
> Key: WFLY-7841
> URL: https://issues.jboss.org/browse/WFLY-7841
> Project: WildFly
> Issue Type: Bug
> Components: CDI / Weld
> Affects Versions: 10.0.0.Final
> Reporter: Tibor Digana
> Assignee: Stuart Douglas
>
> The problem is that _EntityManager_ does not have managed delegate within a job executed by _ManagedScheduledExecutorService#scheduleAtFixedRate()_.
> The _EntityManager_ is produced by CDI producer and entire web application is able to work with injected _EntityManager_ except for the jobs.
> I tried to schedule executing the job in two ways and both finished with same issue (No managed context in _EntityManager_) :
> * _@ApplicationScoped_ job instance was passed to executor from caller.
> * The job was changed to _RequestScoped_ and _ContextProxy#createContextualProxy()_ created the Job bean instance and then I called _scheduleAtFixedRate(job, 5, 60, SECONDS)_
> It looks to me that _javax.enterprise.concurrent_ has a different _BeanManager_ and therefore has no notion about my CDI Producer of _EntityManager_. The producer is regular producer of _EntityManager_ in JavaEE.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
8 years, 11 months
[JBoss JIRA] (WFLY-7841) ManagedScheduledExecutorService could not find EntityManager produced by CDI producer. No active context.
by Tibor Digana (JIRA)
[ https://issues.jboss.org/browse/WFLY-7841?page=com.atlassian.jira.plugin.... ]
Tibor Digana updated WFLY-7841:
-------------------------------
Description:
The problem is that _EntityManager_ does not have managed delegate within a job executed by _ManagedScheduledExecutorService_.
The _EntityManager_ is produced by CDI producer and entire web application is able to work with injected _EntityManager_ except for the jobs.
I tried to schedule executing the job in two ways and both finished with same issue (No managed context in _EntityManager_) :
* _@ApplicationScoped_ job instance was passed to executor from caller.
* The job was changed to _RequestScoped_ and _ContextProxy#createContextualProxy()_ created the Job bean instance
It looks to me that javax.enterprise.concurrent has a different _BeanManager_ and therefore has no notion about my CDI Producer of _EntityManager_. The producer is regular producer of _EntityManager_ in JavaEE.
was:
The problem is that _EntityManager_ does not have managed delegate within a job executed by _ManagedScheduledExecutorService_.
The _EntityManager_ is produced by CDI producer and entire web application is able to work with injected _EntityManager_ except for the jobs.
I tried to schedule executing the job in two ways and both finished with same issue (No managed context in _EntityManager_) :
* _@ApplicationScoped_ job instance was passed to executor from caller.
* The job was changed to _RequestScoped_ and _ContextProxy#createContextualProxy()_
It looks to me that javax.enterprise.concurrent has a different _BeanManager_ and therefore has no notion about my CDI Producer of _EntityManager_. The producer is regular producer of _EntityManager_ in JavaEE.
> ManagedScheduledExecutorService could not find EntityManager produced by CDI producer. No active context.
> ---------------------------------------------------------------------------------------------------------
>
> Key: WFLY-7841
> URL: https://issues.jboss.org/browse/WFLY-7841
> Project: WildFly
> Issue Type: Bug
> Components: CDI / Weld
> Affects Versions: 10.0.0.Final
> Reporter: Tibor Digana
> Assignee: Stuart Douglas
>
> The problem is that _EntityManager_ does not have managed delegate within a job executed by _ManagedScheduledExecutorService_.
> The _EntityManager_ is produced by CDI producer and entire web application is able to work with injected _EntityManager_ except for the jobs.
> I tried to schedule executing the job in two ways and both finished with same issue (No managed context in _EntityManager_) :
> * _@ApplicationScoped_ job instance was passed to executor from caller.
> * The job was changed to _RequestScoped_ and _ContextProxy#createContextualProxy()_ created the Job bean instance
> It looks to me that javax.enterprise.concurrent has a different _BeanManager_ and therefore has no notion about my CDI Producer of _EntityManager_. The producer is regular producer of _EntityManager_ in JavaEE.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
8 years, 11 months
[JBoss JIRA] (WFLY-7841) ManagedScheduledExecutorService could not find EntityManager produced by CDI producer. No active context.
by Tibor Digana (JIRA)
Tibor Digana created WFLY-7841:
----------------------------------
Summary: ManagedScheduledExecutorService could not find EntityManager produced by CDI producer. No active context.
Key: WFLY-7841
URL: https://issues.jboss.org/browse/WFLY-7841
Project: WildFly
Issue Type: Bug
Components: CDI / Weld
Affects Versions: 10.0.0.Final
Reporter: Tibor Digana
Assignee: Stuart Douglas
The problem is that _EntityManager_ does not have managed delegate within a job executed by _ManagedScheduledExecutorService_.
The _EntityManager_ is produced by CDI producer and entire web application is able to work with injected _EntityManager_ except for the jobs.
I tried to schedule executing the job in two way and both finished with same issue (No managed context in _EntityManager_) :
* _@ApplicationScoped_ job instance was passed to executor from caller.
* The job was changed to _RequestScoped_ and _ContextProxy#createContextualProxy()_
It looks to me that javax.enterprise.concurrent has a different _BeanManager_ and therefore has no notion about my CDI Producer of _EntityManager_. The producer is regular producer of _EntityManager_ in JavaEE.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
8 years, 11 months
[JBoss JIRA] (WFLY-7841) ManagedScheduledExecutorService could not find EntityManager produced by CDI producer. No active context.
by Tibor Digana (JIRA)
[ https://issues.jboss.org/browse/WFLY-7841?page=com.atlassian.jira.plugin.... ]
Tibor Digana updated WFLY-7841:
-------------------------------
Description:
The problem is that _EntityManager_ does not have managed delegate within a job executed by _ManagedScheduledExecutorService_.
The _EntityManager_ is produced by CDI producer and entire web application is able to work with injected _EntityManager_ except for the jobs.
I tried to schedule executing the job in two ways and both finished with same issue (No managed context in _EntityManager_) :
* _@ApplicationScoped_ job instance was passed to executor from caller.
* The job was changed to _RequestScoped_ and _ContextProxy#createContextualProxy()_
It looks to me that javax.enterprise.concurrent has a different _BeanManager_ and therefore has no notion about my CDI Producer of _EntityManager_. The producer is regular producer of _EntityManager_ in JavaEE.
was:
The problem is that _EntityManager_ does not have managed delegate within a job executed by _ManagedScheduledExecutorService_.
The _EntityManager_ is produced by CDI producer and entire web application is able to work with injected _EntityManager_ except for the jobs.
I tried to schedule executing the job in two way and both finished with same issue (No managed context in _EntityManager_) :
* _@ApplicationScoped_ job instance was passed to executor from caller.
* The job was changed to _RequestScoped_ and _ContextProxy#createContextualProxy()_
It looks to me that javax.enterprise.concurrent has a different _BeanManager_ and therefore has no notion about my CDI Producer of _EntityManager_. The producer is regular producer of _EntityManager_ in JavaEE.
> ManagedScheduledExecutorService could not find EntityManager produced by CDI producer. No active context.
> ---------------------------------------------------------------------------------------------------------
>
> Key: WFLY-7841
> URL: https://issues.jboss.org/browse/WFLY-7841
> Project: WildFly
> Issue Type: Bug
> Components: CDI / Weld
> Affects Versions: 10.0.0.Final
> Reporter: Tibor Digana
> Assignee: Stuart Douglas
>
> The problem is that _EntityManager_ does not have managed delegate within a job executed by _ManagedScheduledExecutorService_.
> The _EntityManager_ is produced by CDI producer and entire web application is able to work with injected _EntityManager_ except for the jobs.
> I tried to schedule executing the job in two ways and both finished with same issue (No managed context in _EntityManager_) :
> * _@ApplicationScoped_ job instance was passed to executor from caller.
> * The job was changed to _RequestScoped_ and _ContextProxy#createContextualProxy()_
> It looks to me that javax.enterprise.concurrent has a different _BeanManager_ and therefore has no notion about my CDI Producer of _EntityManager_. The producer is regular producer of _EntityManager_ in JavaEE.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
8 years, 11 months
[JBoss JIRA] (WFLY-7778) Remoting identity propagation does not work with Elytron
by Jan Kalina (JIRA)
[ https://issues.jboss.org/browse/WFLY-7778?page=com.atlassian.jira.plugin.... ]
Jan Kalina updated WFLY-7778:
-----------------------------
Steps to Reproduce:
Tests: (after modification to use Elytron instead of legacy subystem: https://github.com/wildfly-security-incubator/wildfly/pull/56 )
org.jboss.as.test.integration.ejb.security.testAuthentication()
org.jboss.as.test.integration.ejb.security.testAuthentication_BadPwd()
org.jboss.as.test.integration.ejb.security.testAuthentication_TwoBeans()
org.jboss.as.test.integration.ejb.security.testAuthentication_TwoBeans_ReAuth_BadPwd()
(and a lot of other, most of tests using EJB)
was:
Tests: (after modification to use Elytron instead of legacy subystem)
org.jboss.as.test.integration.ejb.security.testAuthentication()
org.jboss.as.test.integration.ejb.security.testAuthentication_BadPwd()
org.jboss.as.test.integration.ejb.security.testAuthentication_TwoBeans()
org.jboss.as.test.integration.ejb.security.testAuthentication_TwoBeans_ReAuth_BadPwd()
(and a lot of other, most of tests using EJB)
> Remoting identity propagation does not work with Elytron
> --------------------------------------------------------
>
> Key: WFLY-7778
> URL: https://issues.jboss.org/browse/WFLY-7778
> Project: WildFly
> Issue Type: Bug
> Components: Security
> Reporter: Jan Kalina
> Assignee: Jan Kalina
> Priority: Critical
>
> Even througth succesful obtaining LoginContext, identity is not propagated in EJB call.
> Identity is unauthorized on server side.
> *Remoting does not work because it is not implemented yet* - this issue created primary for tests ignore issue reference.
> Often error message:
> {code:java}
> SaslException: Authentication failed: all available authentication mechanisms failed:
> JBOSS-LOCAL-USER: Server rejected authentication
> DIGEST-MD5: Server rejected authentication]
> at org.wildfly.naming.client.remote.RemoteNamingProvider.getPeerIdentityForNaming(RemoteNamingProvider.java:110)
> {code}
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
8 years, 11 months