April 2019 - jboss-jira - Jboss List Archives

[JBoss JIRA] (WFCORE-4361) Enhanced mapping of X509Certificate to the underlying identity

by Jeff Mesnil (Jira)

[ https://issues.jboss.org/browse/WFCORE-4361?page=com.atlassian.jira.plugi... ] Jeff Mesnil updated WFCORE-4361: -------------------------------- Fix Version/s: 9.0.0.Beta5 (was: 9.0.0.Beta4) > Enhanced mapping of X509Certificate to the underlying identity > -------------------------------------------------------------- > > Key: WFCORE-4361 > URL: https://issues.jboss.org/browse/WFCORE-4361 > Project: WildFly Core > Issue Type: Feature Request > Components: Security > Reporter: Darran Lofthouse > Assignee: Farah Juma > Priority: Major > Fix For: 9.0.0.Beta5 > > > Presently we support decoding the distinguished name however there are requests to use alternative such as the subject alternative name. -- This message was sent by Atlassian Jira (v7.12.1#712002)

6 years, 5 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-4360) Support encrypted expression resolution using a CredentialStore

by Jeff Mesnil (Jira)

[ https://issues.jboss.org/browse/WFCORE-4360?page=com.atlassian.jira.plugi... ] Jeff Mesnil updated WFCORE-4360: -------------------------------- Fix Version/s: 9.0.0.Beta5 (was: 9.0.0.Beta4) > Support encrypted expression resolution using a CredentialStore > --------------------------------------------------------------- > > Key: WFCORE-4360 > URL: https://issues.jboss.org/browse/WFCORE-4360 > Project: WildFly Core > Issue Type: Feature Request > Components: Management, Security > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Priority: Major > Fix For: 9.0.0.Beta5 > > -- This message was sent by Atlassian Jira (v7.12.1#712002)

6 years, 5 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-4400) Validation of 'host-context-map' attribute of 'server-ssl-sni-context' does not allow regular expressions

by Jeff Mesnil (Jira)

[ https://issues.jboss.org/browse/WFCORE-4400?page=com.atlassian.jira.plugi... ] Jeff Mesnil updated WFCORE-4400: -------------------------------- Fix Version/s: 9.0.0.Beta5 (was: 9.0.0.Beta4) > Validation of 'host-context-map' attribute of 'server-ssl-sni-context' does not allow regular expressions > --------------------------------------------------------------------------------------------------------- > > Key: WFCORE-4400 > URL: https://issues.jboss.org/browse/WFCORE-4400 > Project: WildFly Core > Issue Type: Bug > Components: Security > Reporter: Diana Vilkolakova > Assignee: Diana Vilkolakova > Priority: Major > Fix For: 9.0.0.Beta5 > > > Validation introduced by [WFCORE-4309|https://issues.jboss.org/browse/WFCORE-4309] is too strict and does not allow user to input regular expressions. -- This message was sent by Atlassian Jira (v7.12.1#712002)

6 years, 5 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-4395) The single mapper validation added via WFCORE-2364 happens at Runtime, this should be a Model time check.

by Jeff Mesnil (Jira)

[ https://issues.jboss.org/browse/WFCORE-4395?page=com.atlassian.jira.plugi... ] Jeff Mesnil updated WFCORE-4395: -------------------------------- Fix Version/s: 9.0.0.Beta5 (was: 9.0.0.Beta4) > The single mapper validation added via WFCORE-2364 happens at Runtime, this should be a Model time check. > --------------------------------------------------------------------------------------------------------- > > Key: WFCORE-4395 > URL: https://issues.jboss.org/browse/WFCORE-4395 > Project: WildFly Core > Issue Type: Bug > Components: Security > Reporter: Darran Lofthouse > Priority: Major > Fix For: 9.0.0.Beta5 > > > If possible the mappers should be flagged as being mutually exclusive, however failing that the validation should happen during Stage.MODEL. > Presently this leads to an unsatisifed dependency: - > {noformat} > 14:21:59,055 ERROR [org.jboss.as.controller.management-operation] (Controller Boot Thread) WFLYCTL0013: Operation ("add") failed - address: ([ > ("subsystem" => "elytron"), > ("security-domain" => "demon-domain") > ]) - failure description: { > "WFLYCTL0412: Required services that are not installed:" => ["org.wildfly.security.security-realm.demo-realm"], > "WFLYCTL0180: Services with missing/unavailable dependencies" => ["org.wildfly.security.security-domain.demon-domain.initial is missing [org.wildfly.security.security-realm.demo-realm]"] > } > {noformat} > Despite this error the underlying cause is not logged at any level. -- This message was sent by Atlassian Jira (v7.12.1#712002)

6 years, 5 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-4452) Update WildFly Checkstyle Config to 1.0.8.Final

by Jeff Mesnil (Jira)

[ https://issues.jboss.org/browse/WFCORE-4452?page=com.atlassian.jira.plugi... ] Jeff Mesnil updated WFCORE-4452: -------------------------------- Fix Version/s: 9.0.0.Beta5 (was: 9.0.0.Beta4) > Update WildFly Checkstyle Config to 1.0.8.Final > ----------------------------------------------- > > Key: WFCORE-4452 > URL: https://issues.jboss.org/browse/WFCORE-4452 > Project: WildFly Core > Issue Type: Component Upgrade > Components: Build System > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Priority: Major > Fix For: 9.0.0.Beta5 > > > Additionally drop the checkstyle plug-in version override and use the version from jboss-parent. -- This message was sent by Atlassian Jira (v7.12.1#712002)

6 years, 5 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-4451) Upgrade JBoss Parent to version 35

by Jeff Mesnil (Jira)

[ https://issues.jboss.org/browse/WFCORE-4451?page=com.atlassian.jira.plugi... ] Jeff Mesnil updated WFCORE-4451: -------------------------------- Fix Version/s: 9.0.0.Beta5 (was: 9.0.0.Beta4) > Upgrade JBoss Parent to version 35 > ---------------------------------- > > Key: WFCORE-4451 > URL: https://issues.jboss.org/browse/WFCORE-4451 > Project: WildFly Core > Issue Type: Component Upgrade > Components: Build System > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Priority: Major > Fix For: 9.0.0.Beta5 > > -- This message was sent by Atlassian Jira (v7.12.1#712002)

6 years, 5 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-4447) Elytron: Ability to load the attributes of an identity from multiple sources

by Jeff Mesnil (Jira)

[ https://issues.jboss.org/browse/WFCORE-4447?page=com.atlassian.jira.plugi... ] Jeff Mesnil updated WFCORE-4447: -------------------------------- Fix Version/s: 9.0.0.Beta5 (was: 9.0.0.Beta4) > Elytron: Ability to load the attributes of an identity from multiple sources > ---------------------------------------------------------------------------- > > Key: WFCORE-4447 > URL: https://issues.jboss.org/browse/WFCORE-4447 > Project: WildFly Core > Issue Type: Feature Request > Components: Security > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Priority: Major > Fix For: 9.0.0.Beta5 > > > In previous versions a {{security-domain}} was used to merge or add roles from multiple repositories. For example the roles for the users were obtained from two different ldaps and a database. All the roles were merged and the final authenticated principal belonged to all of them. The old picketbox subsystem used stacking of login modules (and password) to implement this feature. This use-case is not rare among the customers. > This issue is avoiding migrations from the old security subsystem to elytron. -- This message was sent by Atlassian Jira (v7.12.1#712002)

6 years, 5 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-4446) Migrate AbsolutePathService and RelativePathService to new MSC service builder API

by Jeff Mesnil (Jira)

[ https://issues.jboss.org/browse/WFCORE-4446?page=com.atlassian.jira.plugi... ] Jeff Mesnil updated WFCORE-4446: -------------------------------- Fix Version/s: 9.0.0.Beta5 (was: 9.0.0.Beta4) > Migrate AbsolutePathService and RelativePathService to new MSC service builder API > ---------------------------------------------------------------------------------- > > Key: WFCORE-4446 > URL: https://issues.jboss.org/browse/WFCORE-4446 > Project: WildFly Core > Issue Type: Task > Components: Server > Reporter: Richard Opalka > Assignee: Richard Opalka > Priority: Major > Fix For: 9.0.0.Beta5 > > -- This message was sent by Atlassian Jira (v7.12.1#712002)

6 years, 5 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-4457) Default SSLContext testing in Elytron test cases breaking SubsystemTransformersTestCase downloads.

by Jeff Mesnil (Jira)

[ https://issues.jboss.org/browse/WFCORE-4457?page=com.atlassian.jira.plugi... ] Jeff Mesnil updated WFCORE-4457: -------------------------------- Fix Version/s: 9.0.0.Beta5 (was: 9.0.0.Beta4) > Default SSLContext testing in Elytron test cases breaking SubsystemTransformersTestCase downloads. > -------------------------------------------------------------------------------------------------- > > Key: WFCORE-4457 > URL: https://issues.jboss.org/browse/WFCORE-4457 > Project: WildFly Core > Issue Type: Bug > Components: Security > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Priority: Blocker > Fix For: 9.0.0.Beta5 > > > In certain environments this is causing failures such as: - > {noformat} > [ERROR] testRejectingTransformersEAP720(org.wildfly.extension.elytron.SubsystemTransformerTestCase) Time elapsed: 1.17 s <<< ERROR! > java.lang.RuntimeException: org.eclipse.aether.resolution.ArtifactResolutionException: Could not transfer artifact org.wildfly.core:wildfly-elytron-integration:jar:6.0.1.Final from/to product-repository (https://maven.repository.redhat.com/ga/): sun.security.validator.ValidatorException: No trusted certificate found > at org.jboss.as.model.test.MavenUtil.createMavenGavURL(MavenUtil.java:142) > at org.jboss.as.model.test.ChildFirstClassLoaderBuilder.addMavenResourceURL(ChildFirstClassLoaderBuilder.java:198) > at org.jboss.as.subsystem.test.SubsystemTestDelegate$LegacyKernelServiceInitializerImpl.addMavenResourceURL(SubsystemTestDelegate.java:717) > at org.wildfly.extension.elytron.SubsystemTransformerTestCase.testRejectingTransformers(SubsystemTransformerTestCase.java:178) > at org.wildfly.extension.elytron.SubsystemTransformerTestCase.testRejectingTransformersEAP720(SubsystemTransformerTestCase.java:90) > Caused by: org.eclipse.aether.resolution.ArtifactResolutionException: Could not transfer artifact org.wildfly.core:wildfly-elytron-integration:jar:6.0.1.Final from/to product-repository (https://maven.repository.redhat.com/ga/): sun.security.validator.ValidatorException: No trusted certificate found > at org.eclipse.aether.internal.impl.DefaultArtifactResolver.resolve(DefaultArtifactResolver.java:422) > at org.eclipse.aether.internal.impl.DefaultArtifactResolver.resolveArtifacts(DefaultArtifactResolver.java:224) > at org.eclipse.aether.internal.impl.DefaultArtifactResolver.resolveArtifact(DefaultArtifactResolver.java:201) > at org.eclipse.aether.internal.impl.DefaultRepositorySystem.resolveArtifact(DefaultRepositorySystem.java:260) > at org.jboss.as.model.test.MavenUtil.createMavenGavURL(MavenUtil.java:140) > ... 4 more > Caused by: org.eclipse.aether.transfer.ArtifactTransferException: Could not transfer artifact org.wildfly.core:wildfly-elytron-integration:jar:6.0.1.Final from/to product-repository (https://maven.repository.redhat.com/ga/): sun.security.validator.ValidatorException: No trusted certificate found > at org.eclipse.aether.connector.basic.ArtifactTransportListener.transferFailed(ArtifactTransportListener.java:52) > at org.eclipse.aether.connector.basic.BasicRepositoryConnector$TaskRunner.run(BasicRepositoryConnector.java:365) > at org.eclipse.aether.util.concurrency.RunnableErrorForwarder$1.run(RunnableErrorForwarder.java:75) > at org.eclipse.aether.connector.basic.BasicRepositoryConnector$DirectExecutor.execute(BasicRepositoryConnector.java:583) > at org.eclipse.aether.connector.basic.BasicRepositoryConnector.get(BasicRepositoryConnector.java:259) > at org.eclipse.aether.internal.impl.DefaultArtifactResolver.performDownloads(DefaultArtifactResolver.java:498) > at org.eclipse.aether.internal.impl.DefaultArtifactResolver.resolve(DefaultArtifactResolver.java:399) > ... 8 more > Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: No trusted certificate found > at org.apache.http.conn.ssl.SSLSocketFactory.createLayeredSocket(SSLSocketFactory.java:573) > at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:557) > at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:414) > at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:180) > at org.apache.http.impl.conn.ManagedClientConnectionImpl.open(ManagedClientConnectionImpl.java:326) > at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:610) > at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:445) > at org.apache.http.impl.client.AbstractHttpClient.doExecute(AbstractHttpClient.java:835) > at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:72) > at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:56) > at org.apache.http.impl.client.DecompressingHttpClient.execute(DecompressingHttpClient.java:164) > at org.eclipse.aether.transport.http.HttpTransporter.execute(HttpTransporter.java:296) > at org.eclipse.aether.transport.http.HttpTransporter.implPeek(HttpTransporter.java:240) > at org.eclipse.aether.spi.connector.transport.AbstractTransporter.peek(AbstractTransporter.java:51) > at org.eclipse.aether.connector.basic.BasicRepositoryConnector$PeekTaskRunner.runTask(BasicRepositoryConnector.java:386) > at org.eclipse.aether.connector.basic.BasicRepositoryConnector$TaskRunner.run(BasicRepositoryConnector.java:360) > ... 13 more > Caused by: sun.security.validator.ValidatorException: No trusted certificate found > at org.wildfly.extension.elytron.SSLDefinitions$DelegatingTrustManager.checkServerTrusted(SSLDefinitions.java:853) > ... 29 more > {noformat} -- This message was sent by Atlassian Jira (v7.12.1#712002)

6 years, 5 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-4453) Clean up left curly placement in files triggering checkstyle failures.

by Jeff Mesnil (Jira)

[ https://issues.jboss.org/browse/WFCORE-4453?page=com.atlassian.jira.plugi... ] Jeff Mesnil updated WFCORE-4453: -------------------------------- Fix Version/s: 9.0.0.Beta5 (was: 9.0.0.Beta4) > Clean up left curly placement in files triggering checkstyle failures. > ---------------------------------------------------------------------- > > Key: WFCORE-4453 > URL: https://issues.jboss.org/browse/WFCORE-4453 > Project: WildFly Core > Issue Type: Task > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Priority: Major > Fix For: 9.0.0.Beta5 > > -- This message was sent by Atlassian Jira (v7.12.1#712002)

6 years, 5 months

1
0
0 / 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira April 2019