November 2008 - jboss-jira - Jboss List Archives

[JBoss JIRA] Created: (JBMAN-35) CompositeValueInvocationHandler is not Serializable

by Scott M Stark (JIRA)

CompositeValueInvocationHandler is not Serializable --------------------------------------------------- Key: JBMAN-35 URL: https://jira.jboss.org/jira/browse/JBMAN-35 Project: JBoss Managed Issue Type: Bug Components: metatype Affects Versions: JBossMan.2.0.0.CR3 Reporter: Scott M Stark Assignee: Scott M Stark Fix For: JBossMan.2.0.0.GA The following is being seen while creating a datasource from a template via the profileservice: Failed to update Resource (see app server log for additional details): java.io.NotSerializableException: org.jboss.metatype.plugins.values.CompositeValueInvocationHandler at java.io.ObjectOutputStream.writeObject0(ObjectOutputStream.java:1173) at java.io.ObjectOutputStream.defaultWriteFields(ObjectOutputStream.java:1526) at java.io.ObjectOutputStream.writeSerialData(ObjectOutputStream.java:1491) at java.io.ObjectOutputStream.writeOrdinaryObject(ObjectOutputStream.java:1409) at java.io.ObjectOutputStream.writeObject0(ObjectOutputStream.java:1167) at java.io.ObjectOutputStream.writeObject(ObjectOutputStream.java:343) at java.util.ArrayList.writeObject(ArrayList.java:673) at sun.reflect.GeneratedMethodAccessor352.invoke(Unknown Source) at Should this be serializable? -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

15 years, 11 months

1
2
0 / 0

[JBoss JIRA] Created: (JBMAN-36) Ensure consistent use of MetaValue in org.jboss.managed.api

by Scott M Stark (JIRA)

Ensure consistent use of MetaValue in org.jboss.managed.api ----------------------------------------------------------- Key: JBMAN-36 URL: https://jira.jboss.org/jira/browse/JBMAN-36 Project: JBoss Managed Issue Type: Feature Request Components: managedobject Affects Versions: JBossMan.2.0.0.CR4 Reporter: Scott M Stark Assignee: Scott M Stark Fix For: JBossMan.2.0.0.GA The org.jboss.managed.api ManagedProperty, ManagedOperation and ManagedParameter are using java.lang.Object instead org.jboss.metatype.api.values.MetaValue for input/output and this leads to leakage of server deployment types. These should be changed to ensure consistent value types. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

15 years, 11 months

1
3
0 / 0

[JBoss JIRA] Created: (JBMAN-37) Add ViewUse field to Fields

by Scott M Stark (JIRA)

Add ViewUse field to Fields --------------------------- Key: JBMAN-37 URL: https://jira.jboss.org/jira/browse/JBMAN-37 Project: JBoss Managed Issue Type: Feature Request Affects Versions: JBossMan.2.0.0.CR4 Reporter: Scott M Stark Assignee: Scott M Stark Fix For: JBossMan.2.0.0.CR5 Right now the only way to add ViewUse values to a property is via an annotation. We should have a Fields.VIEW_USE standard field for ViewUse[] values. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

15 years, 11 months

1
1
0 / 0

[JBoss JIRA] Created: (JBREM-1063) Add javadoc zip to distro

by David Lloyd (JIRA)

Add javadoc zip to distro ------------------------- Key: JBREM-1063 URL: https://jira.jboss.org/jira/browse/JBREM-1063 Project: JBoss Remoting Issue Type: Sub-task Security Level: Public (Everyone can see) Components: r3 api, r3 core, r3 JRPP Affects Versions: 3.0.0.Beta1 Reporter: David Lloyd Fix For: 3.0.0.Beta2 -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

15 years, 11 months

1
1
0 / 0

[JBoss JIRA] Created: (JBREM-1062) Add source JARs to distro

by David Lloyd (JIRA)

Add source JARs to distro ------------------------- Key: JBREM-1062 URL: https://jira.jboss.org/jira/browse/JBREM-1062 Project: JBoss Remoting Issue Type: Sub-task Security Level: Public (Everyone can see) Components: r3 api, r3 core, r3 JRPP Affects Versions: 3.0.0.Beta1 Reporter: David Lloyd Fix For: 3.0.0.Beta2 -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

15 years, 11 months

1
1
0 / 0

[JBoss JIRA] Created: (JBREM-1059) Fill in missing javadoc

by David Lloyd (JIRA)

Fill in missing javadoc ----------------------- Key: JBREM-1059 URL: https://jira.jboss.org/jira/browse/JBREM-1059 Project: JBoss Remoting Issue Type: Task Security Level: Public (Everyone can see) Components: r3 api Affects Versions: 3.0.0.Beta1 Reporter: David Lloyd Fix For: 3.0.0.Beta2 Some API classes/methods are still missing javadocs. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

15 years, 11 months

1
1
0 / 0

[JBoss JIRA] Created: (JBRULES-1854) Parser raising CCE on the special OR syntax

by Edson Tirelli (JIRA)

Parser raising CCE on the special OR syntax ------------------------------------------- Key: JBRULES-1854 URL: https://jira.jboss.org/jira/browse/JBRULES-1854 Project: JBoss Drools Issue Type: Bug Security Level: Public (Everyone can see) Affects Versions: 5.0.0.M2 Reporter: Edson Tirelli Assignee: Edson Tirelli Fix For: 5.0.0.M3 Parser is raising a CCE when the special OR syntax is used: $var : ( A() or B() or C() ) -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

15 years, 11 months

1
1
0 / 0

[JBoss JIRA] Created: (JBAS-6217) JBossWebRealm->enableAuditFlag should be false by default

by Anil Saldhana (JIRA)

JBossWebRealm->enableAuditFlag should be false by default --------------------------------------------------------- Key: JBAS-6217 URL: https://jira.jboss.org/jira/browse/JBAS-6217 Project: JBoss Application Server Issue Type: Sub-task Security Level: Public (Everyone can see) Components: Web (Tomcat) service Affects Versions: JBossAS-5.0.0.CR2 Reporter: Anil Saldhana Assignee: Anil Saldhana Fix For: JBossAS-5.0.0.GA 1) Auditing may not be desired by all. 2) It affects character encoding capabilities for servlet request. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

15 years, 11 months

1
1
0 / 0

[JBoss JIRA] Created: (JBAS-6130) AS5:JACC: <role-name>*</role-name> in web.xml should allow configurable authorization bypass

by Anil Saldhana (JIRA)

AS5:JACC: <role-name>*</role-name> in web.xml should allow configurable authorization bypass -------------------------------------------------------------------------------------------- Key: JBAS-6130 URL: https://jira.jboss.org/jira/browse/JBAS-6130 Project: JBoss Application Server Issue Type: Feature Request Components: Security Affects Versions: JBossAS-4.0.2 Final Environment: - Reporter: Anil Saldhana Assignee: Anil Saldhana In some cases I wish to do authentication without authorisation. For example everybody has access to my web-resource, but I want to know who she/he is. Therefore the accessing user must login. So my web.xml contains the following snippet: ... <security-constraint> <web-resource-collection> <web-resource-name>Protected Helloworld example</web-resource-name> <description/> <url-pattern>/servlet/HelloWorldExample</url-pattern> <http-method>POST</http-method> <http-method>GET</http-method> </web-resource-collection> <auth-constraint> <role-name>*</role-name> </auth-constraint> </security-constraint> <login-config> <auth-method>BASIC</auth-method> <realm-name>public</realm-name> </login-config> ... The web app runs with this configuration in Tomcat 5.5.8 standalone but not in Jboss. To run it in Jboss I have to add the following element: <security-role> <role-name>aRole</role-name> </security-role> The JACC spec (section 3.1.3.1, paragraph 3)states : " ?. When an auth-constraint names the reserved role-name, "*", all of the patterns in the containing security-constraint must be combined with all of the roles defined in the web application." JBoss implemented this by combining all of the patterns with all roles defined in the web.xml and assumes that each role has to be defined in the web.xml. But the web applications roles are probably defined in other files than the web.xml. In our case we use JACC with an external authentication provider. And each time, the roles changes, I also would have to modify the web.xml. It is desirable if the auth-contraint with the role-name "*" acceppts "all" roles and not only those that are defined in the web.xml. Or is this a JACC spec issue? Regards, Andrea -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

15 years, 11 months

1
3
0 / 0

[JBoss JIRA] Created: (JBAS-5976) Securing web-app cause incorrect character encoding in GET/POST data

by Igor (JIRA)

Securing web-app cause incorrect character encoding in GET/POST data -------------------------------------------------------------------- Key: JBAS-5976 URL: https://jira.jboss.org/jira/browse/JBAS-5976 Project: JBoss Application Server Issue Type: Bug Security Level: Public (Everyone can see) Components: Web (Tomcat) service Affects Versions: JBossAS-5.0.0.CR2, JBossAS-5.0.0.CR1 Environment: Fedora Linux 10 JDK 1.6.0 Firefox 3.0.1 Reporter: Igor Assignee: Remy Maucherat Priority: Critical Simple test page from Tomcat FAQ (http://wiki.apache.org/tomcat/FAQ/CharacterEncoding#Q4) work right in non-secure web-app. After apply BASIC web authentication, character encoding of posted data is broken. After authentication, request.setCharactEncoding("UTF-8") in request filter does no effect too. No matter which login module in use, org.jboss.security.auth.spi.UsersRolesLoginModule or my own login module. Seems that authentication cause access the Request object in app server _before_ it can be accessed in user request filter. After that, setting request.setCharacterEncoding not work. Insecure web-application work fine and non-ASCII characters appear correctly. This bug starts in CR-releases of JBoss 5. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

15 years, 11 months

5
22
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira November 2008