May 2019 - jboss-jira - Jboss List Archives

[JBoss JIRA] (WFLY-11569) Port EESecurityAuthMechanismTestCase to WildFly Elytron

by Darran Lofthouse (Jira)

[ https://issues.jboss.org/browse/WFLY-11569?page=com.atlassian.jira.plugin... ] Darran Lofthouse updated WFLY-11569: ------------------------------------ Fix Version/s: (was: 17.0.0.Final) > Port EESecurityAuthMechanismTestCase to WildFly Elytron > ------------------------------------------------------- > > Key: WFLY-11569 > URL: https://issues.jboss.org/browse/WFLY-11569 > Project: WildFly > Issue Type: Task > Components: Security > Reporter: Darran Lofthouse > Priority: Major > > Also ensure it passes with the security manager enabled. > Also see WFLY-11348 which is the failure with PicketBox. -- This message was sent by Atlassian Jira (v7.12.1#712002)

6 years, 4 months

1
0
0 / 0

[JBoss JIRA] (WFLY-11542) Update Undertow ApplicationSecurityDomain to use individual factories.

by Darran Lofthouse (Jira)

[ https://issues.jboss.org/browse/WFLY-11542?page=com.atlassian.jira.plugin... ] Darran Lofthouse reassigned WFLY-11542: --------------------------------------- Assignee: (was: Darran Lofthouse) > Update Undertow ApplicationSecurityDomain to use individual factories. > ---------------------------------------------------------------------- > > Key: WFLY-11542 > URL: https://issues.jboss.org/browse/WFLY-11542 > Project: WildFly > Issue Type: Task > Components: Security, Web (Undertow) > Reporter: Darran Lofthouse > Priority: Major > > This is to move away from the deprecated 'org.wildfly.security.http.impl.ServerMechanismFactoryImpl' which will be removed soon as it was never public API. -- This message was sent by Atlassian Jira (v7.12.1#712002)

6 years, 4 months

1
0
0 / 0

[JBoss JIRA] (WFLY-11542) Update Undertow ApplicationSecurityDomain to use individual factories.

by Darran Lofthouse (Jira)

[ https://issues.jboss.org/browse/WFLY-11542?page=com.atlassian.jira.plugin... ] Darran Lofthouse updated WFLY-11542: ------------------------------------ Fix Version/s: (was: 17.0.0.Final) > Update Undertow ApplicationSecurityDomain to use individual factories. > ---------------------------------------------------------------------- > > Key: WFLY-11542 > URL: https://issues.jboss.org/browse/WFLY-11542 > Project: WildFly > Issue Type: Task > Components: Security, Web (Undertow) > Reporter: Darran Lofthouse > Priority: Major > > This is to move away from the deprecated 'org.wildfly.security.http.impl.ServerMechanismFactoryImpl' which will be removed soon as it was never public API. -- This message was sent by Atlassian Jira (v7.12.1#712002)

6 years, 4 months

1
0
0 / 0

[JBoss JIRA] (WFLY-11879) Add a more in-depth section in the docs covering authentication.

by Darran Lofthouse (Jira)

[ https://issues.jboss.org/browse/WFLY-11879?page=com.atlassian.jira.plugin... ] Darran Lofthouse updated WFLY-11879: ------------------------------------ Fix Version/s: (was: 17.0.0.Final) > Add a more in-depth section in the docs covering authentication. > ---------------------------------------------------------------- > > Key: WFLY-11879 > URL: https://issues.jboss.org/browse/WFLY-11879 > Project: WildFly > Issue Type: Task > Components: Documentation, Security > Reporter: Darran Lofthouse > Priority: Major > > A detailed authentication section, this will be huge but I don't think we have a clear picture of how the different pieces really come together i.e. realms, domains, mappers and decoders and subsequently the authentication factories. -- This message was sent by Atlassian Jira (v7.12.1#712002)

6 years, 4 months

1
0
0 / 0

[JBoss JIRA] (WFLY-11101) Add CredentialStore documentation

by Darran Lofthouse (Jira)

[ https://issues.jboss.org/browse/WFLY-11101?page=com.atlassian.jira.plugin... ] Darran Lofthouse updated WFLY-11101: ------------------------------------ Fix Version/s: 18.0.0.Beta1 (was: 17.0.0.Final) > Add CredentialStore documentation > --------------------------------- > > Key: WFLY-11101 > URL: https://issues.jboss.org/browse/WFLY-11101 > Project: WildFly > Issue Type: Task > Components: Documentation, Security > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Priority: Major > Fix For: 18.0.0.Beta1 > > > The CredentialStore is a significant component within WildFly Elytron, however it is not really covered in the documentation. > We have a couple of different approaches to creating the store, we then have referencing the store. Finally we have custom implementations. > New features are also being developed so really we need a source of documentation to add descriptions of the new features to. -- This message was sent by Atlassian Jira (v7.12.1#712002)

6 years, 4 months

1
0
0 / 0

[JBoss JIRA] (WFLY-11540) Update Maven dependencies to reference individual Elytron modules.

by Darran Lofthouse (Jira)

[ https://issues.jboss.org/browse/WFLY-11540?page=com.atlassian.jira.plugin... ] Darran Lofthouse reassigned WFLY-11540: --------------------------------------- Assignee: (was: Darran Lofthouse) > Update Maven dependencies to reference individual Elytron modules. > ------------------------------------------------------------------ > > Key: WFLY-11540 > URL: https://issues.jboss.org/browse/WFLY-11540 > Project: WildFly > Issue Type: Task > Components: Security > Reporter: Darran Lofthouse > Priority: Major > > This should also review the classes the application server users as we will likely want to start considering these public API. -- This message was sent by Atlassian Jira (v7.12.1#712002)

6 years, 4 months

1
0
0 / 0

[JBoss JIRA] (WFLY-11540) Update Maven dependencies to reference individual Elytron modules.

by Darran Lofthouse (Jira)

[ https://issues.jboss.org/browse/WFLY-11540?page=com.atlassian.jira.plugin... ] Darran Lofthouse updated WFLY-11540: ------------------------------------ Fix Version/s: (was: 17.0.0.Final) > Update Maven dependencies to reference individual Elytron modules. > ------------------------------------------------------------------ > > Key: WFLY-11540 > URL: https://issues.jboss.org/browse/WFLY-11540 > Project: WildFly > Issue Type: Task > Components: Security > Reporter: Darran Lofthouse > Priority: Major > > This should also review the classes the application server users as we will likely want to start considering these public API. -- This message was sent by Atlassian Jira (v7.12.1#712002)

6 years, 4 months

1
0
0 / 0

[JBoss JIRA] (WFLY-11569) Port EESecurityAuthMechanismTestCase to WildFly Elytron

by Darran Lofthouse (Jira)

[ https://issues.jboss.org/browse/WFLY-11569?page=com.atlassian.jira.plugin... ] Darran Lofthouse reassigned WFLY-11569: --------------------------------------- Assignee: (was: Darran Lofthouse) > Port EESecurityAuthMechanismTestCase to WildFly Elytron > ------------------------------------------------------- > > Key: WFLY-11569 > URL: https://issues.jboss.org/browse/WFLY-11569 > Project: WildFly > Issue Type: Task > Components: Security > Reporter: Darran Lofthouse > Priority: Major > > Also ensure it passes with the security manager enabled. > Also see WFLY-11348 which is the failure with PicketBox. -- This message was sent by Atlassian Jira (v7.12.1#712002)

6 years, 4 months

1
0
0 / 0

[JBoss JIRA] (WFLY-11013) Hash encoding Exception when using @DatabaseIdentityStoreDefinition

by Darran Lofthouse (Jira)

[ https://issues.jboss.org/browse/WFLY-11013?page=com.atlassian.jira.plugin... ] Darran Lofthouse reassigned WFLY-11013: --------------------------------------- Assignee: (was: Darran Lofthouse) > Hash encoding Exception when using @DatabaseIdentityStoreDefinition > ------------------------------------------------------------------- > > Key: WFLY-11013 > URL: https://issues.jboss.org/browse/WFLY-11013 > Project: WildFly > Issue Type: Bug > Components: Security > Affects Versions: 14.0.0.Final > Environment: WildFly 14. Generic Linux. JDK 8/9 > Reporter: Francesco Marchioni > Priority: Major > Attachments: javaee8-secure-servlet.zip > > > When deploying one application using @DatabaseIdentityStoreDefinition, upon successful login, the following exception is thrown > {code:java} > java.lang.IllegalArgumentException: Bad hash encoding > at org.glassfish.soteria.identitystores.hash.Pbkdf2PasswordHashImpl$EncodedPasswordHash.decode(Pbkdf2PasswordHashImpl.java:209) > at org.glassfish.soteria.identitystores.hash.Pbkdf2PasswordHashImpl$EncodedPasswordHash.<init>(Pbkdf2PasswordHashImpl.java:191) > at org.glassfish.soteria.identitystores.hash.Pbkdf2PasswordHashImpl.verify(Pbkdf2PasswordHashImpl.java:147) > at org.glassfish.soteria.identitystores.DatabaseIdentityStore.validate(DatabaseIdentityStore.java:121) > at org.glassfish.soteria.identitystores.DatabaseIdentityStore.validate(DatabaseIdentityStore.java:101) > at org.jboss.weldx.security.enterprise.identitystore.IdentityStore$635317201$Proxy$_$$_WeldClientProxy.validate(Unknown Source) > at org.glassfish.soteria.cdi.DefaultIdentityStoreHandler.validate(DefaultIdentityStoreHandler.java:97) > {code} -- This message was sent by Atlassian Jira (v7.12.1#712002)

6 years, 4 months

1
0
0 / 0

[JBoss JIRA] (WFLY-11013) Hash encoding Exception when using @DatabaseIdentityStoreDefinition

by Darran Lofthouse (Jira)

[ https://issues.jboss.org/browse/WFLY-11013?page=com.atlassian.jira.plugin... ] Darran Lofthouse updated WFLY-11013: ------------------------------------ Fix Version/s: (was: 17.0.0.Final) > Hash encoding Exception when using @DatabaseIdentityStoreDefinition > ------------------------------------------------------------------- > > Key: WFLY-11013 > URL: https://issues.jboss.org/browse/WFLY-11013 > Project: WildFly > Issue Type: Bug > Components: Security > Affects Versions: 14.0.0.Final > Environment: WildFly 14. Generic Linux. JDK 8/9 > Reporter: Francesco Marchioni > Priority: Major > Attachments: javaee8-secure-servlet.zip > > > When deploying one application using @DatabaseIdentityStoreDefinition, upon successful login, the following exception is thrown > {code:java} > java.lang.IllegalArgumentException: Bad hash encoding > at org.glassfish.soteria.identitystores.hash.Pbkdf2PasswordHashImpl$EncodedPasswordHash.decode(Pbkdf2PasswordHashImpl.java:209) > at org.glassfish.soteria.identitystores.hash.Pbkdf2PasswordHashImpl$EncodedPasswordHash.<init>(Pbkdf2PasswordHashImpl.java:191) > at org.glassfish.soteria.identitystores.hash.Pbkdf2PasswordHashImpl.verify(Pbkdf2PasswordHashImpl.java:147) > at org.glassfish.soteria.identitystores.DatabaseIdentityStore.validate(DatabaseIdentityStore.java:121) > at org.glassfish.soteria.identitystores.DatabaseIdentityStore.validate(DatabaseIdentityStore.java:101) > at org.jboss.weldx.security.enterprise.identitystore.IdentityStore$635317201$Proxy$_$$_WeldClientProxy.validate(Unknown Source) > at org.glassfish.soteria.cdi.DefaultIdentityStoreHandler.validate(DefaultIdentityStoreHandler.java:97) > {code} -- This message was sent by Atlassian Jira (v7.12.1#712002)

6 years, 4 months

1
0
0 / 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira May 2019