[JBoss JIRA] (DROOLS-5598) Review kie-dmn-validation BULK DMN examples version in codebase
by Matteo Mortari (Jira)
[ https://issues.redhat.com/browse/DROOLS-5598?page=com.atlassian.jira.plug... ]
Matteo Mortari updated DROOLS-5598:
-----------------------------------
Description:
This JIRA focuses on the bulk of the tests from kie-dmn-validation; it actually archives the DMNv1.1-based tests in an isolated module, and converts from DMNv1.1 to DMNv1.2 in kie-dmn-validation.
Ref: see Epic descr
was:
This JIRA focuses on the bulk of the tests from kie-dmn-core; it actually archives the DMNv1.1-based tests in an isolated module, and converts from DMNv1.1 to DMNv1.2 in kie-dmn-core.
Ref: see Epic descr
> Review kie-dmn-validation BULK DMN examples version in codebase
> ---------------------------------------------------------------
>
> Key: DROOLS-5598
> URL: https://issues.redhat.com/browse/DROOLS-5598
> Project: Drools
> Issue Type: Task
> Components: dmn engine
> Reporter: Matteo Mortari
> Assignee: Matteo Mortari
> Priority: Major
> Fix For: 7.42.0.Final
>
>
> This JIRA focuses on the bulk of the tests from kie-dmn-validation; it actually archives the DMNv1.1-based tests in an isolated module, and converts from DMNv1.1 to DMNv1.2 in kie-dmn-validation.
> Ref: see Epic descr
--
This message was sent by Atlassian Jira
(v7.13.8#713008)
5 years, 2 months
[JBoss JIRA] (DROOLS-5598) Review kie-dmn-validation BULK DMN examples version in codebase
by Matteo Mortari (Jira)
Matteo Mortari created DROOLS-5598:
--------------------------------------
Summary: Review kie-dmn-validation BULK DMN examples version in codebase
Key: DROOLS-5598
URL: https://issues.redhat.com/browse/DROOLS-5598
Project: Drools
Issue Type: Task
Components: dmn engine
Reporter: Matteo Mortari
Assignee: Matteo Mortari
Fix For: 7.42.0.Final
This JIRA focuses on the bulk of the tests from kie-dmn-core; it actually archives the DMNv1.1-based tests in an isolated module, and converts from DMNv1.1 to DMNv1.2 in kie-dmn-core.
Ref: see Epic descr
[JBoss JIRA] (WFLY-13607) "SSL read loop detected" during remote EJB call; remote call blocks forever
by Victor Langelo (Jira)
[ https://issues.redhat.com/browse/WFLY-13607?page=com.atlassian.jira.plugi... ]
Victor Langelo commented on WFLY-13607:
---------------------------------------
I haven't been able to find an isolated reproducible case. The best test I have is a series of ejb invocations returning both small and large results in our test system when it's running in a datacenter behind an nginx proxy server. All invocations are via [https://hostname/wildfly-services/.|https://hostname/wildfly-services/app/] It only happens occasionally but on the same invocation in the sequence. I haven't seen it when the WildFly server is accessed directly or when it's on the local network with or without the nginx proxy. We also tested with the server behind a WildFly reverse proxy and haven't been able to reproduce there either. However, the WildFly reverse proxy configuration isn't working with client certificate authentication even though the certificate is being passed in the header to the back end server just like in the nginx setup. So it may not be exactly the same.
The best I can offer at the moment is a copy of our client application, credentials to our test server and the sequence of actions I take to reproduce.
> "SSL read loop detected" during remote EJB call; remote call blocks forever
> ---------------------------------------------------------------------------
>
> Key: WFLY-13607
> URL: https://issues.redhat.com/browse/WFLY-13607
> Project: WildFly
> Issue Type: Bug
> Components: Web (Undertow)
> Affects Versions: 19.1.0.Final
> Reporter: Kyle MacLeod
> Assignee: Flavia Rainone
> Priority: Major
>
> Summary: "SSL read loop detected" during remote EJB call; remote call blocks forever
> h3. Problem Description
> We are transferring data over an EJB request. The data returned from the EJB call ranges from 1-4MB in size.
> During one of these transfers, we are hitting some sort of race/timing condition which results in a "UT005076: SSL read loop detected" ERROR log.
> After the read loop detected log, the remote call blocks forever. Something is broken with the cleanup.
> Unfortunately, this is only happening on some of our servers. It's difficult to reproduce - and I don't have a test case for it.
> Other notes:
> * The issue is seen on the client side. The client is a java standalone client. All are running in docker containers. The issue is seen both running under docker-compose and under kubernetes.
> * The issue is seen with the 19.0.1.Final wildfly-client-all jar. It is NOT seen when we revert back to 18.0.0.Final wildfly-client-all jar.
> * It looks to me like an issue in either SslConduit or WildflyClientInputStream. There were commits post-18.0.0.Final which hit code in this area.
> h3. Logs
> What we see in the log file is these two back-to-back errors from the same thread:
> {code:language=|borderStyle=solid|theme=RDark|linenumbers=true|collapse=false}
> 2020-06-09 15:04:30,378 ERROR [io.undertow.request] [AgentServerModelRegistrationStateChangeNotification-pool-21-thread-1] UT005076: SSL read loop detected. This should not happen, please report this to the Undertow developers. Current state SslConduit{state=4, outstandingTasks=0, wrappedData=null, dataToUnwrap=null, unwrappedData=null}
> 2020-06-09 15:04:30,552 ERROR [io.undertow.request] [AgentServerModelRegistrationStateChangeNotification-pool-21-thread-1] UT005076: SSL read loop detected. This should not happen, please report this to the Undertow developers. Current state SslConduit{state=30692, outstandingTasks=0, wrappedData=null, dataToUnwrap=null, unwrappedData=null}
> {code}
> And then that same thread gets blocked forever, stuck waiting for the lock at org.wildfly.httpclient.common.WildflyClientInputStream.read(WildflyClientInputStream.java:147)
> {code:language=|borderStyle=solid|theme=RDark|linenumbers=true|collapse=true}
> "AgentServerModelRegistrationStateChangeNotification-pool-21-thread-1" #40 prio=5 os_prio=0 tid=0x00007f5cac9f8000 nid=0x47 in Object.wait() [0x00007f5c8b1d5000]
> java.lang.Thread.State: WAITING (on object monitor)
> at java.lang.Object.wait(Native Method)
> at java.lang.Object.wait(Object.java:502)
> at org.wildfly.httpclient.common.WildflyClientInputStream.read(WildflyClientInputStream.java:147)
> - locked <0x00000000ed9475a8> (a java.lang.Object)
> at java.io.FilterInputStream.read(FilterInputStream.java:133)
> at org.jboss.marshalling.SimpleDataInput.readFully(SimpleDataInput.java:175)
> at org.jboss.marshalling.river.RiverUnmarshaller.doReadByteArray(RiverUnmarshaller.java:1622)
> at org.jboss.marshalling.river.RiverUnmarshaller.doReadArray(RiverUnmarshaller.java:1690)
> at org.jboss.marshalling.river.RiverUnmarshaller.doReadObject(RiverUnmarshaller.java:355)
> at org.jboss.marshalling.river.RiverUnmarshaller.doReadObject(RiverUnmarshaller.java:231)
> at org.jboss.marshalling.river.RiverUnmarshaller.readFields(RiverUnmarshaller.java:1864)
> at org.jboss.marshalling.river.RiverUnmarshaller.doInitSerializable(RiverUnmarshaller.java:1778)
> at org.jboss.marshalling.river.RiverUnmarshaller.doReadNewObject(RiverUnmarshaller.java:1406)
> at org.jboss.marshalling.river.RiverUnmarshaller.doReadObject(RiverUnmarshaller.java:283)
> at org.jboss.marshalling.river.RiverUnmarshaller.doReadObject(RiverUnmarshaller.java:216)
> at org.jboss.marshalling.AbstractObjectInput.readObject(AbstractObjectInput.java:41)
> at org.wildfly.httpclient.ejb.HttpEJBReceiver$2.getResult(HttpEJBReceiver.java:207)
> at org.jboss.ejb.client.EJBClientInvocationContext.getResult(EJBClientInvocationContext.java:613)
> at org.jboss.ejb.client.EJBClientInvocationContext.getResult(EJBClientInvocationContext.java:544)
> at org.jboss.ejb.protocol.remote.RemotingEJBClientInterceptor.handleInvocationResult(RemotingEJBClientInterceptor.java:57)
> at org.jboss.ejb.client.EJBClientInvocationContext.getResult(EJBClientInvocationContext.java:615)
> at org.jboss.ejb.client.EJBClientInvocationContext.getResult(EJBClientInvocationContext.java:544)
> at org.jboss.ejb.client.TransactionPostDiscoveryInterceptor.handleInvocationResult(TransactionPostDiscoveryInterceptor.java:148)
> at org.jboss.ejb.client.EJBClientInvocationContext.getResult(EJBClientInvocationContext.java:615)
> at org.jboss.ejb.client.EJBClientInvocationContext.getResult(EJBClientInvocationContext.java:544)
> at org.jboss.ejb.client.DiscoveryEJBClientInterceptor.handleInvocationResult(DiscoveryEJBClientInterceptor.java:137)
> at org.jboss.ejb.client.EJBClientInvocationContext.getResult(EJBClientInvocationContext.java:615)
> at org.jboss.ejb.client.EJBClientInvocationContext.getResult(EJBClientInvocationContext.java:544)
> at org.jboss.ejb.client.NamingEJBClientInterceptor.handleInvocationResult(NamingEJBClientInterceptor.java:87)
> at org.jboss.ejb.client.EJBClientInvocationContext.getResult(EJBClientInvocationContext.java:615)
> at org.jboss.ejb.client.EJBClientInvocationContext.getResult(EJBClientInvocationContext.java:544)
> at org.jboss.ejb.client.TransactionInterceptor.handleInvocationResult(TransactionInterceptor.java:212)
> at org.jboss.ejb.client.EJBClientInvocationContext.getResult(EJBClientInvocationContext.java:615)
> at org.jboss.ejb.client.EJBClientInvocationContext.getResult(EJBClientInvocationContext.java:544)
> at org.jboss.ejb.client.EJBClientInvocationContext.awaitResponse(EJBClientInvocationContext.java:986)
> at org.jboss.ejb.client.EJBInvocationHandler.invoke(EJBInvocationHandler.java:191)
> at org.jboss.ejb.client.EJBInvocationHandler.invoke(EJBInvocationHandler.java:125)
> at com.sun.proxy.$Proxy24.getAdapterArchive(Unknown Source)
> at com.nakina.agent.application.adaptermanager.internal.dataservice.AgentRemoteAdapterArchiveRepositoryImpl$FakeRemoteIterator.next(AgentRemoteAdapterArchiveRepositoryImpl.java:226)
> at com.nakina.agent.application.adaptermanager.internal.dataservice.AgentRemoteAdapterArchiveRepositoryImpl$FakeRemoteIterator.next(AgentRemoteAdapterArchiveRepositoryImpl.java:189)
> at com.nakina.adaptermanager.AdapterManagerImpl.addToLocalRepository(AdapterManagerImpl.java:506)
> at com.nakina.adaptermanager.AdapterManagerImpl.synchronizeLocalRepository(AdapterManagerImpl.java:617)
> at com.nakina.adaptermanager.AdapterManagerImpl.initialize(AdapterManagerImpl.java:373)
> at com.nakina.agent.application.adaptermanager.internal.dataservice.AdapterManagerFactoryImpl.getAdapterManager(AdapterManagerFactoryImpl.java:66)
> - locked <0x00000000c07fa748> (a java.lang.Object)
> at com.nakina.agent.application.adaptermanager.internal.action.StartAdapterManagerAction.execute(StartAdapterManagerAction.java:54)
> at com.nakina.oss.server.af.app.action.DefaultActionManager.executeRequest(DefaultActionManager.java:176)
> ...
> at com.nakina.oss.server.af.app.message.DefaultMessageReceiver.execute(DefaultMessageReceiver.java:65)
> at com.nakina.oss.server.af.app.action.DefaultActionManager.executeRequest(DefaultActionManager.java:176)
> at com.nakina.oss.server.af.app.message.DefaultMessageReceiver.onMessage(DefaultMessageReceiver.java:154)
> at com.nakina.oss.server.af.app.impl.LocalMessageSenderImpl$SenderRunnable.run(LocalMessageSenderImpl.java:189)
> at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
> at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
> at java.lang.Thread.run(Thread.java:748)
> {code}
> h3. Other information:
> Java version:
> {code:language=|borderStyle=solid|theme=RDark|linenumbers=true|collapse=false}
> $ java -version
> openjdk version "1.8.0_252"
> OpenJDK Runtime Environment (build 1.8.0_252-b09)
> OpenJDK 64-Bit Server VM (build 25.252-b09, mixed mode)
> {code}
> Wildfly server version:
> {code:language=|borderStyle=solid|theme=RDark|linenumbers=true|collapse=false}
> WFLYSRV0049: WildFly Full 19.1.0.Final (WildFly Core 11.1.1.Final) starting
> {code}
> wildfly-client-all version:
> * 19.0.1.Final wildfly-client-all jar.
> * NOT seen when we revert back to 18.0.0.Final wildfly-client-all jar
[JBoss JIRA] (ELY-1851) Elytron ldaps realm fails if a referral is returned inside a search
by Chao Wang (Jira)
[ https://issues.redhat.com/browse/ELY-1851?page=com.atlassian.jira.plugin.... ]
Chao Wang updated ELY-1851:
---------------------------
Affects Version/s: 1.10.8.Final
> Elytron ldaps realm fails if a referral is returned inside a search
> -------------------------------------------------------------------
>
> Key: ELY-1851
> URL: https://issues.redhat.com/browse/ELY-1851
> Project: WildFly Elytron
> Issue Type: Bug
> Affects Versions: 1.6.3.Final, 1.10.8.Final
> Reporter: Chao Wang
> Assignee: Chao Wang
> Priority: Major
> Fix For: 1.6.9.CR1
>
>
> Elytron LdapRealm fails to follow a referral when ldaps is used (the {{ThreadLocalSSLSocketFactory}} is not set).
> With a configuration similar to this one ({{memberOf}} is used to locate groups):
> {code:xml}
> <ldap-realm name="ldap-realm" dir-context="ldap-dir-context" direct-verification="true">
> <identity-mapping rdn-identifier="sAMAccountName" use-recursive-search="true" search-base-dn="DC=redhat,DC=com">
> <attribute-mapping>
> <attribute reference="memberOf" from="cn" to="Roles" role-recursion="3"/>
> </attribute-mapping>
> </identity-mapping>
> </ldap-realm>
> ...
> <dir-context name="ldap-dir-context" url="ldaps://ldap.redhat.com:636" principal="cn=Administrator,cn=Users,DC=redhat,DC=com" referral-mode="FOLLOW" ssl-context="ldaps-context">
> <credential-reference store="credstore" alias="ldap_password"/>
> </dir-context>
> {code}
> If we have a group (or user) which contains a {{memberOf}} of another ldap, something like the following:
> {noformat}
> dn: CN=group-with-external-members,OU=Groups,DC=redhat,DC=com
> ...
> memberOf: CN=group-in-another-domain,OU=Groups,DC=lab,DC=redhat,DC=com
> {noformat}
> The following exception is thrown when a referral is returned for a group that is inside another ldap server of the forest:
> {noformat}
> TRACE [org.jboss.remoting.remote.server] (management task-1) Server sending authentication rejected: java.lang.RuntimeException: ELY01079: ldap-realm realm failed to obtain attributes for entry [CN=group-with-external-members,OU=Groups,DC=redhat,DC=com]
> at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.extractFilteredAttributesFromSearch(LdapSecurityRealm.java:808)
> at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.lambda$null$4(LdapSecurityRealm.java:768)
> at java.util.stream.ForEachOps$ForEachOp$OfRef.accept(ForEachOps.java:184)
> at java.util.stream.ReferencePipeline$3$1.accept(ReferencePipeline.java:193)
> at java.util.ArrayList$ArrayListSpliterator.forEachRemaining(ArrayList.java:1382)
> at java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:481)
> at java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:471)
> at java.util.stream.ForEachOps$ForEachOp.evaluateSequential(ForEachOps.java:151)
> at java.util.stream.ForEachOps$ForEachOp$OfRef.evaluateSequential(ForEachOps.java:174)
> at java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234)
> at java.util.stream.ReferencePipeline.forEach(ReferencePipeline.java:418)
> at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.forEachAttributeValue(LdapSecurityRealm.java:841)
> at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.lambda$extractFilteredAttributes$6(LdapSecurityRealm.java:766)
> at java.util.stream.Collectors.lambda$toMap$58(Collectors.java:1321)
> at java.util.stream.ReduceOps$3ReducingSink.accept(ReduceOps.java:169)
> at java.util.stream.ReferencePipeline$2$1.accept(ReferencePipeline.java:175)
> at java.util.ArrayList$ArrayListSpliterator.forEachRemaining(ArrayList.java:1382)
> at java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:481)
> at java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:471)
> at java.util.stream.ReduceOps$ReduceOp.evaluateSequential(ReduceOps.java:708)
> at java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234)
> at java.util.stream.ReferencePipeline.collect(ReferencePipeline.java:499)
> at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.extractAttributes(LdapSecurityRealm.java:828)
> at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.extractFilteredAttributes(LdapSecurityRealm.java:754)
> at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.getAttributes(LdapSecurityRealm.java:516)
> at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.getAuthorizationIdentity(LdapSecurityRealm.java:497)
> at org.wildfly.security.auth.server.ServerAuthenticationContext$NameAssignedState.doAuthorization(ServerAuthenticationContext.java:1923)
> at org.wildfly.security.auth.server.ServerAuthenticationContext$NameAssignedState.authorize(ServerAuthenticationContext.java:1952)
> at org.wildfly.security.auth.server.ServerAuthenticationContext.authorize(ServerAuthenticationContext.java:509)
> at org.wildfly.security.auth.server.ServerAuthenticationContext.authorize(ServerAuthenticationContext.java:489)
> at org.wildfly.security.auth.server.ServerAuthenticationContext$1.handleOne(ServerAuthenticationContext.java:872)
> at org.wildfly.security.auth.server.ServerAuthenticationContext$1.handle(ServerAuthenticationContext.java:839)
> at org.wildfly.security.sasl.util.SSLQueryCallbackHandler.handle(SSLQueryCallbackHandler.java:60)
> at org.wildfly.security.sasl.util.TrustManagerSaslServerFactory.lambda$createSaslServer$0(TrustManagerSaslServerFactory.java:96)
> at org.wildfly.security.sasl.plain.PlainSaslServer.evaluateResponse(PlainSaslServer.java:146)
> at org.wildfly.security.sasl.util.AuthenticationCompleteCallbackSaslServerFactory$1.evaluateResponse(AuthenticationCompleteCallbackSaslServerFactory.java:58)
> at org.wildfly.security.sasl.util.AuthenticationTimeoutSaslServerFactory$DelegatingTimeoutSaslServer.evaluateResponse(AuthenticationTimeoutSaslServerFactory.java:106)
> at org.wildfly.security.sasl.util.SecurityIdentitySaslServerFactory$1.evaluateResponse(SecurityIdentitySaslServerFactory.java:59)
> at org.xnio.sasl.SaslUtils.evaluateResponse(SaslUtils.java:245)
> at org.xnio.sasl.SaslUtils.evaluateResponse(SaslUtils.java:217)
> at org.jboss.remoting3.remote.ServerConnectionOpenListener$AuthStepRunnable.run(ServerConnectionOpenListener.java:486)
> at org.jboss.remoting3.EndpointImpl$TrackingExecutor.lambda$execute$0(EndpointImpl.java:942)
> at org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
> at org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1985)
> at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1487)
> at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1378)
> at java.lang.Thread.run(Thread.java:748)
> Caused by: org.wildfly.security.auth.server.RealmUnavailableException: ELY01108: ldap-realm realm identity search failed
> at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapSearch.search(LdapSecurityRealm.java:1141)
> at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.extractFilteredAttributesFromSearch(LdapSecurityRealm.java:797)
> ... 46 more
> Caused by: javax.naming.CommunicationException: ldap.lab.redhat.com:636 [Root exception is java.lang.IllegalStateException: ELY04025: DirContext tries to connect without ThreadLocalSSLSocketFactory thread local setting]
> at com.sun.jndi.ldap.LdapReferralContext.<init>(LdapReferralContext.java:96)
> at com.sun.jndi.ldap.LdapReferralException.getReferralContext(LdapReferralException.java:151)
> at com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1861)
> at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1769)
> at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1786)
> at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:418)
> at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:396)
> at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:297)
> at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:297)
> at org.wildfly.security.auth.realm.ldap.DelegatingLdapContext.search(DelegatingLdapContext.java:335)
> at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapSearch.searchWithPagination(LdapSecurityRealm.java:1161)
> at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapSearch.search(LdapSecurityRealm.java:1038)
> ... 47 more
> Caused by: java.lang.IllegalStateException: ELY04025: DirContext tries to connect without ThreadLocalSSLSocketFactory thread local setting
> at org.wildfly.security.auth.realm.ldap.ThreadLocalSSLSocketFactory.getDefault(ThreadLocalSSLSocketFactory.java:46)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:498)
> at com.sun.jndi.ldap.Connection.createSocket(Connection.java:296)
> at com.sun.jndi.ldap.Connection.<init>(Connection.java:215)
> at com.sun.jndi.ldap.LdapClient.<init>(LdapClient.java:137)
> at com.sun.jndi.ldap.LdapClient.getInstance(LdapClient.java:1609)
> at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2749)
> at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:319)
> at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:192)
> at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:151)
> at com.sun.jndi.url.ldap.ldapURLContextFactory.getObjectInstance(ldapURLContextFactory.java:52)
> at org.jboss.as.naming.context.ObjectFactoryBuilder$ReferenceUrlContextFactoryWrapper.getObjectInstance(ObjectFactoryBuilder.java:293)
> at javax.naming.spi.NamingManager.getObjectInstance(NamingManager.java:300)
> at com.sun.jndi.ldap.LdapReferralContext.<init>(LdapReferralContext.java:119)
> ... 58 more
> {noformat}
> The reason seems to be that the {{ThreadLocalSSLSocketFactory}} is not set when doing a search, so if a referral is returned, the new search created inside the current one has no access to the {{SSLSocketFactory}} in the thread local.
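The failure mode described in this issue, reduced to a self-contained sketch (an added example, not Elytron's code and not the fix from the linked pull requests). The names `ThreadLocalFactory`, `connect`, `searchFollowingReferral`, `withFactory` and the `example.test` hosts are hypothetical, and no network connection is made.

```java
import java.util.concurrent.Callable;
import javax.net.SocketFactory;
import javax.net.ssl.SSLSocketFactory;

public class ReferralSocketFactoryDemo {

    /** Hypothetical stand-in for a socket-factory holder that is bound per thread. */
    static final class ThreadLocalFactory {
        private static final ThreadLocal<SocketFactory> CURRENT = new ThreadLocal<>();

        static void set(SocketFactory f) { CURRENT.set(f); }
        static void unset() { CURRENT.remove(); }

        // The stack trace above shows the JNDI LDAP provider invoking a static
        // getDefault() whenever it creates a socket, including the new connection
        // it opens to follow a referral. With nothing bound, the lookup fails.
        public static SocketFactory getDefault() {
            SocketFactory f = CURRENT.get();
            if (f == null) {
                throw new IllegalStateException(
                        "connect attempted without a thread-local socket factory");
            }
            return f;
        }
    }

    /** Simulates the provider opening a connection; only the factory lookup is real. */
    static String connect(String host) {
        SocketFactory f = ThreadLocalFactory.getDefault();
        return host + " via " + (f instanceof SSLSocketFactory ? "TLS" : "plain");
    }

    /** Simulates a search whose result is a referral to another server. */
    static String searchFollowingReferral(String referralHost) {
        // Following the referral means a second connect() on the same thread.
        return connect(referralHost);
    }

    /** Binds the factory for the duration of one operation and always unbinds it. */
    static <T> T withFactory(SocketFactory f, Callable<T> op) throws Exception {
        ThreadLocalFactory.set(f);
        try {
            return op.call();
        } finally {
            ThreadLocalFactory.unset();
        }
    }

    public static void main(String[] args) throws Exception {
        // Assumption: the JVM default stands in for the factory of the configured ssl-context.
        SocketFactory tls = SSLSocketFactory.getDefault();

        // Context creation: the factory is bound, so the first connection succeeds.
        String primary = withFactory(tls, () -> connect("ldap.example.test:636"));
        System.out.println("initial connect: " + primary);

        // Search issued after the binding was removed: the referral cannot be followed.
        try {
            searchFollowingReferral("ldap.lab.example.test:636");
        } catch (IllegalStateException e) {
            System.out.println("unbound search failed: " + e.getMessage());
        }

        // Binding the factory around the search as well lets the nested connect find it.
        String referred = withFactory(tls,
                () -> searchFollowingReferral("ldap.lab.example.test:636"));
        System.out.println("bound search: " + referred);
    }
}
```

The point for operators is that the failure is closed: the referral connection is refused rather than opened without the configured TLS settings, so the symptom is a rejected authentication, not a downgraded one.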
[JBoss JIRA] (ELY-1851) Elytron ldaps realm fails if a referral is returned inside a search
by Chao Wang (Jira)
[ https://issues.redhat.com/browse/ELY-1851?page=com.atlassian.jira.plugin.... ]
Chao Wang updated ELY-1851:
---------------------------
Fix Version/s: (was: 1.6.9.CR1)
> Elytron ldaps realm fails if a referral is returned inside a search
> -------------------------------------------------------------------
>
> Key: ELY-1851
> URL: https://issues.redhat.com/browse/ELY-1851
> Project: WildFly Elytron
> Issue Type: Bug
> Affects Versions: 1.6.3.Final, 1.10.8.Final
> Reporter: Chao Wang
> Assignee: Chao Wang
> Priority: Major
>
> Elytron LdapRealm fails to follow a referral when ldaps is used (the {{ThreadLocalSSLSocketFactory}} is not set).
5 years, 2 months
[JBoss JIRA] (ELY-1851) Elytron ldaps realm fails if a referral is returned inside a search
by Chao Wang (Jira)
[ https://issues.redhat.com/browse/ELY-1851?page=com.atlassian.jira.plugin.... ]
Chao Wang updated ELY-1851:
---------------------------
Git Pull Request: https://github.com/wildfly-security/wildfly-elytron/pull/1307, https://github.com/wildfly-security/wildfly-elytron/pull/1435 (was: https://github.com/wildfly-security/wildfly-elytron/pull/1307)
> Elytron ldaps realm fails if a referral is returned inside a search
> -------------------------------------------------------------------
>
> Key: ELY-1851
> URL: https://issues.redhat.com/browse/ELY-1851
> Project: WildFly Elytron
> Issue Type: Bug
> Affects Versions: 1.6.3.Final
> Reporter: Chao Wang
> Assignee: Chao Wang
> Priority: Major
> Fix For: 1.6.9.CR1
>
>
> Elytron LdapRealm fails to follow a referral when ldaps is used (the {{ThreadLocalSSLSocketFactory}} is not set).
> With a configuration similar to this one ({{memberOf}} is used to locate groups):
> {code:xml}
> <ldap-realm name="ldap-realm" dir-context="ldap-dir-context" direct-verification="true">
>     <identity-mapping rdn-identifier="sAMAccountName" use-recursive-search="true" search-base-dn="DC=redhat,DC=com">
>         <attribute-mapping>
>             <attribute reference="memberOf" from="cn" to="Roles" role-recursion="3"/>
>         </attribute-mapping>
>     </identity-mapping>
> </ldap-realm>
> ...
> <dir-context name="ldap-dir-context" url="ldaps://ldap.redhat.com:636" principal="cn=Administrator,cn=Users,DC=redhat,DC=com" referral-mode="FOLLOW" ssl-context="ldaps-context">
>     <credential-reference store="credstore" alias="ldap_password"/>
> </dir-context>
> {code}
> If we have a group (or user) which contains a {{memberOf}} of another ldap, something like the following:
> {noformat}
> dn: CN=group-with-external-members,OU=Groups,DC=redhat,DC=com
> ...
> memberOf: CN=group-in-another-domain,OU=Groups,DC=lab,DC=redhat,DC=com
> {noformat}
> The following exception is thrown when a referral is returned for a group that is inside another ldapserver of the forest:
> {noformat}
> TRACE [org.jboss.remoting.remote.server] (management task-1) Server sending authentication rejected: java.lang.RuntimeException: ELY01079: ldap-realm realm failed to obtain attributes for entry [CN=group-with-external-members,OU=Groups,DC=redhat,DC=com]
> at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.extractFilteredAttributesFromSearch(LdapSecurityRealm.java:808)
> at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.lambda$null$4(LdapSecurityRealm.java:768)
> at java.util.stream.ForEachOps$ForEachOp$OfRef.accept(ForEachOps.java:184)
> at java.util.stream.ReferencePipeline$3$1.accept(ReferencePipeline.java:193)
> at java.util.ArrayList$ArrayListSpliterator.forEachRemaining(ArrayList.java:1382)
> at java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:481)
> at java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:471)
> at java.util.stream.ForEachOps$ForEachOp.evaluateSequential(ForEachOps.java:151)
> at java.util.stream.ForEachOps$ForEachOp$OfRef.evaluateSequential(ForEachOps.java:174)
> at java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234)
> at java.util.stream.ReferencePipeline.forEach(ReferencePipeline.java:418)
> at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.forEachAttributeValue(LdapSecurityRealm.java:841)
> at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.lambda$extractFilteredAttributes$6(LdapSecurityRealm.java:766)
> at java.util.stream.Collectors.lambda$toMap$58(Collectors.java:1321)
> at java.util.stream.ReduceOps$3ReducingSink.accept(ReduceOps.java:169)
> at java.util.stream.ReferencePipeline$2$1.accept(ReferencePipeline.java:175)
> at java.util.ArrayList$ArrayListSpliterator.forEachRemaining(ArrayList.java:1382)
> at java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:481)
> at java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:471)
> at java.util.stream.ReduceOps$ReduceOp.evaluateSequential(ReduceOps.java:708)
> at java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234)
> at java.util.stream.ReferencePipeline.collect(ReferencePipeline.java:499)
> at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.extractAttributes(LdapSecurityRealm.java:828)
> at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.extractFilteredAttributes(LdapSecurityRealm.java:754)
> at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.getAttributes(LdapSecurityRealm.java:516)
> at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.getAuthorizationIdentity(LdapSecurityRealm.java:497)
> at org.wildfly.security.auth.server.ServerAuthenticationContext$NameAssignedState.doAuthorization(ServerAuthenticationContext.java:1923)
> at org.wildfly.security.auth.server.ServerAuthenticationContext$NameAssignedState.authorize(ServerAuthenticationContext.java:1952)
> at org.wildfly.security.auth.server.ServerAuthenticationContext.authorize(ServerAuthenticationContext.java:509)
> at org.wildfly.security.auth.server.ServerAuthenticationContext.authorize(ServerAuthenticationContext.java:489)
> at org.wildfly.security.auth.server.ServerAuthenticationContext$1.handleOne(ServerAuthenticationContext.java:872)
> at org.wildfly.security.auth.server.ServerAuthenticationContext$1.handle(ServerAuthenticationContext.java:839)
> at org.wildfly.security.sasl.util.SSLQueryCallbackHandler.handle(SSLQueryCallbackHandler.java:60)
> at org.wildfly.security.sasl.util.TrustManagerSaslServerFactory.lambda$createSaslServer$0(TrustManagerSaslServerFactory.java:96)
> at org.wildfly.security.sasl.plain.PlainSaslServer.evaluateResponse(PlainSaslServer.java:146)
> at org.wildfly.security.sasl.util.AuthenticationCompleteCallbackSaslServerFactory$1.evaluateResponse(AuthenticationCompleteCallbackSaslServerFactory.java:58)
> at org.wildfly.security.sasl.util.AuthenticationTimeoutSaslServerFactory$DelegatingTimeoutSaslServer.evaluateResponse(AuthenticationTimeoutSaslServerFactory.java:106)
> at org.wildfly.security.sasl.util.SecurityIdentitySaslServerFactory$1.evaluateResponse(SecurityIdentitySaslServerFactory.java:59)
> at org.xnio.sasl.SaslUtils.evaluateResponse(SaslUtils.java:245)
> at org.xnio.sasl.SaslUtils.evaluateResponse(SaslUtils.java:217)
> at org.jboss.remoting3.remote.ServerConnectionOpenListener$AuthStepRunnable.run(ServerConnectionOpenListener.java:486)
> at org.jboss.remoting3.EndpointImpl$TrackingExecutor.lambda$execute$0(EndpointImpl.java:942)
> at org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
> at org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1985)
> at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1487)
> at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1378)
> at java.lang.Thread.run(Thread.java:748)
> Caused by: org.wildfly.security.auth.server.RealmUnavailableException: ELY01108: ldap-realm realm identity search failed
> at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapSearch.search(LdapSecurityRealm.java:1141)
> at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.extractFilteredAttributesFromSearch(LdapSecurityRealm.java:797)
> ... 46 more
> Caused by: javax.naming.CommunicationException: ldap.lab.redhat.com:636 [Root exception is java.lang.IllegalStateException: ELY04025: DirContext tries to connect without ThreadLocalSSLSocketFactory thread local setting]
> at com.sun.jndi.ldap.LdapReferralContext.<init>(LdapReferralContext.java:96)
> at com.sun.jndi.ldap.LdapReferralException.getReferralContext(LdapReferralException.java:151)
> at com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1861)
> at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1769)
> at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1786)
> at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:418)
> at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:396)
> at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:297)
> at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:297)
> at org.wildfly.security.auth.realm.ldap.DelegatingLdapContext.search(DelegatingLdapContext.java:335)
> at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapSearch.searchWithPagination(LdapSecurityRealm.java:1161)
> at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapSearch.search(LdapSecurityRealm.java:1038)
> ... 47 more
> Caused by: java.lang.IllegalStateException: ELY04025: DirContext tries to connect without ThreadLocalSSLSocketFactory thread local setting
> at org.wildfly.security.auth.realm.ldap.ThreadLocalSSLSocketFactory.getDefault(ThreadLocalSSLSocketFactory.java:46)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:498)
> at com.sun.jndi.ldap.Connection.createSocket(Connection.java:296)
> at com.sun.jndi.ldap.Connection.<init>(Connection.java:215)
> at com.sun.jndi.ldap.LdapClient.<init>(LdapClient.java:137)
> at com.sun.jndi.ldap.LdapClient.getInstance(LdapClient.java:1609)
> at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2749)
> at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:319)
> at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:192)
> at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:151)
> at com.sun.jndi.url.ldap.ldapURLContextFactory.getObjectInstance(ldapURLContextFactory.java:52)
> at org.jboss.as.naming.context.ObjectFactoryBuilder$ReferenceUrlContextFactoryWrapper.getObjectInstance(ObjectFactoryBuilder.java:293)
> at javax.naming.spi.NamingManager.getObjectInstance(NamingManager.java:300)
> at com.sun.jndi.ldap.LdapReferralContext.<init>(LdapReferralContext.java:119)
> ... 58 more
> {noformat}
> The reason seems to be that the {{ThreadLocalSSLSocketFactory}} is not set when doing a search, so, if a referral is returned the new search created inside the current one has no access to the {{SSLSocketFactory}} in the thread local.
5 years, 2 months
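The failure mode described in ELY-1851 above, reduced to a stand-alone model. This is an added example, not Elytron code and not the change made in the linked pull requests; `TlsFactoryHolder`, `with`, `openConnection` and the `example.test` host names are hypothetical, and no network connection is made.

```java
import java.lang.reflect.InvocationTargetException;
import java.util.function.Supplier;
import javax.net.SocketFactory;
import javax.net.ssl.SSLSocketFactory;
public class ReferralThreadLocalDemo {
    /** Hypothetical stand-in for a socket factory class that reads a thread local. */
    public static final class TlsFactoryHolder {
        private static final ThreadLocal<SocketFactory> CURRENT = new ThreadLocal<>();

        // JNDI calls static getDefault() by reflection on the class named in "java.naming.ldap.factory.socket".
        public static SocketFactory getDefault() {
            SocketFactory f = CURRENT.get();
            if (f == null) throw new IllegalStateException("no socket factory bound to this thread");
            return f;
        }

        /** Binds the factory for the duration of op, then restores the previous value. */
        static <T> T with(SocketFactory f, Supplier<T> op) {
            SocketFactory previous = CURRENT.get();
            CURRENT.set(f);
            try {
                return op.get();
            } finally {
                if (previous == null) CURRENT.remove(); else CURRENT.set(previous);
            }
        }
    }

    /** Models a connection opened lazily, such as one to a referral target during a search. */
    static String openConnection(String host) {
        try {
            Object f = TlsFactoryHolder.class.getMethod("getDefault").invoke(null);
            return "connected to " + host + " using " + f.getClass().getSimpleName();
        } catch (InvocationTargetException e) {
            return "failed for " + host + ": " + e.getCause().getMessage();
        } catch (ReflectiveOperationException e) {
            throw new AssertionError(e);
        }
    }

    public static void main(String[] args) {
        SocketFactory tls = SSLSocketFactory.getDefault();
        // Factory bound only while the initial context connects: this succeeds.
        System.out.println(TlsFactoryHolder.with(tls, () -> openConnection("ldap.example.test")));
        // The search runs later without the binding, so the referral connection fails.
        System.out.println(openConnection("referral.example.test"));
        // Binding the factory around the search covers the nested referral connection.
        System.out.println(TlsFactoryHolder.with(tls, () -> openConnection("referral.example.test")));
    }
}
```

The `finally` block matters as much as the binding: server threads are pooled, so a factory left in the thread local could be picked up by an unrelated directory context on the same thread.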