May 2010 - jboss-jira - Jboss List Archives

[JBoss JIRA] Created: (JASSIST-116) a quicker lower-level API for generating a class file

by Shigeru Chiba (JIRA)

a quicker lower-level API for generating a class file ----------------------------------------------------- Key: JASSIST-116 URL: https://jira.jboss.org/jira/browse/JASSIST-116 Project: Javassist Issue Type: Feature Request Affects Versions: 3.12.0.GA Reporter: Shigeru Chiba Assignee: Shigeru Chiba Fix For: 3.13.0.GA An ASM-like simple generator of class files. javassist.bytecode.ClassFile is twice slower than ASM. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

14 years

1
1
0 / 0

[JBoss JIRA] Created: (JGRP-837) Add faulire simulation capabiliries to Simulator

by Richard Achmatowicz (JIRA)

Add faulire simulation capabiliries to Simulator ------------------------------------------------- Key: JGRP-837 URL: https://jira.jboss.org/jira/browse/JGRP-837 Project: JGroups Issue Type: Feature Request Reporter: Richard Achmatowicz Assignee: Richard Achmatowicz Priority: Minor The Simulator can be used to test protocol layers in isolation. Multiple Simulator instances can be configured so that they model a multicast group. In its present state, messages are transported from one Simulator instance to another by the send_thread, which moves messages from send_queue to recv_queue in a reliable fashion. Futhermore, all Simulators perform at the same speed. I'd like to use the Simulator to additionally simulate failures, in order to check the robustness of the protocols. In particular, i'd like to model: * dropped, reordered, corrupted messages * failed processors ('crash' failure) * network partitions * slow processes This JIRA issue will track progress on this and allow for discussion. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

14 years

2
12
0 / 0

[JBoss JIRA] Created: (JGRP-324) Ethereal plugin for JGroups

by Bela Ban (JIRA)

Ethereal plugin for JGroups --------------------------- Key: JGRP-324 URL: http://jira.jboss.com/jira/browse/JGRP-324 Project: JGroups Issue Type: Feature Request Reporter: Bela Ban Assigned To: Bela Ban Priority: Minor Fix For: 2.x Write a C implementation of an ethereal plugin which understands the JGroups wire format and displays information about the JGroups messages (e.g. sender, receiver, headers) in ethereal. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

14 years

3
14
0 / 0

[JBoss JIRA] Created: (EJBTHREE-2092) Suppress the WARN message from SessionContainer for JNDI bindings

by jaikiran pai (JIRA)

Suppress the WARN message from SessionContainer for JNDI bindings ----------------------------------------------------------------- Key: EJBTHREE-2092 URL: https://jira.jboss.org/jira/browse/EJBTHREE-2092 Project: EJB 3.0 Issue Type: Task Components: core Affects Versions: EJB3_1 1.0.7 Reporter: jaikiran pai Assignee: jaikiran pai We log this message if the JNDI registrar isn't available: 18:35:11,166 WARN [org.jboss.ejb3.session.SessionContainer] No JndiSessionRegistrarBase was found; byassing binding of Proxies to jboss.j2ee:service=EJB3,name=DbInitializerBean in Global JNDI. Now that the JNDI binding logic has been extracted out of container lifecycle (for singleton container), logging this at WARN isn't really right. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

14 years

1
1
0 / 0

[JBoss JIRA] Created: (JBAS-7923) Authentication caches wrong credential settings

by ali aslan (JIRA)

Authentication caches wrong credential settings ----------------------------------------------- Key: JBAS-7923 URL: https://jira.jboss.org/jira/browse/JBAS-7923 Project: JBoss Application Server Issue Type: Bug Security Level: Public (Everyone can see) Components: Security Affects Versions: JBossAS-5.1.0.GA Environment: Windows Vista, jdk1.5.0_18, MySQL Server 5.0 Reporter: ali aslan Assignee: Anil Saldhana My Problem is that I can login/logout with different users as long as I do not enter a wrong password for a user. If this happens it is not possible to authenticate any other user. Authentication always fails. If I delete the browser cookies I can authenticate the user again. The JAAS configuration in jboss-service.xml  <mbean code="org.jboss.security.plugins.JaasSecurityManagerService" name="jboss.security:service=JaasSecurityManager"> <attribute name="ServerMode">true</attribute> <attribute name="SecurityManagerClassName">org.jboss.security.plugins.JaasSecurityManager</attribute> <attribute name="DefaultUnauthenticatedPrincipal">anonymous</attribute> <attribute name="DefaultCacheTimeout">0</attribute> <attribute name="DefaultCacheResolution">0</attribute> <attribute name="DeepCopySubjectMode">false</attribute> </mbean> -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

14 years

1
1
0 / 0

[UAT JBoss JIRA UAT UAT UAT] Created: (JBCL-159) Add support for wildcards in dynamic imports

by Ales Justin (JIRA)

Add support for wildcards in dynamic imports -------------------------------------------- Key: JBCL-159 URL: https://jira2.jboss.org/browse/JBCL-159 Project: JBoss ClassLoader Issue Type: Feature Request Components: ClassLoader Affects Versions: JBossCL.2.2.0.Alpha3 Reporter: Ales Justin Assignee: Ales Justin Tralala. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira2.jboss.org/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

14 years

1
1
0 / 0

[JBoss JIRA] Created: (JBAS-8028) java.util.zip.ZipException: error in opening zip file

by Marko Strukelj (JIRA)

java.util.zip.ZipException: error in opening zip file ----------------------------------------------------- Key: JBAS-8028 URL: https://jira.jboss.org/jira/browse/JBAS-8028 Project: JBoss Application Server Issue Type: Bug Security Level: Public (Everyone can see) Components: VFS Affects Versions: 6.0.0.M3 Reporter: Marko Strukelj Deploying the attached .war containg CDI app + Seam3 Faces Module fails on M3 (working fine on M2). 0:56:32,961 SEVERE [javax.enterprise.resource.webcontainer.jsf.config] Unable to process annotations for url, vfs:/C:/opt/java/jboss-6.0.0.20100429-M3/server/default/deploy/cdi-vfs3-bug.war/WEB-INF/lib/seam-faces-3.0.0-SNAPSHOT.jar/META-INF/faces-config.xml. Reason: java.util.z ip.ZipException: error in opening zip file 20:56:32,989 SEVERE [javax.enterprise.resource.webcontainer.jsf.config] : java.util.zip.ZipException: error in opening zip file at java.util.zip.ZipFile.open(Native Method) [:1.6.0_18] at java.util.zip.ZipFile.<init>(ZipFile.java:114) [:1.6.0_18] at java.util.jar.JarFile.<init>(JarFile.java:133) [:1.6.0_18] at sun.net.www.protocol.jar.URLJarFile.<init>(URLJarFile.java:67) [:1.6.0_18] at sun.net.www.protocol.jar.URLJarFile$1.run(URLJarFile.java:214) [:1.6.0_18] at java.security.AccessController.doPrivileged(Native Method) [:1.6.0_18] at sun.net.www.protocol.jar.URLJarFile.retrieve(URLJarFile.java:198) [:1.6.0_18] at sun.net.www.protocol.jar.URLJarFile.getJarFile(URLJarFile.java:50) [:1.6.0_18] at sun.net.www.protocol.jar.JarFileFactory.get(JarFileFactory.java:80) [:1.6.0_18] at sun.net.www.protocol.jar.JarURLConnection.connect(JarURLConnection.java:104) [:1.6.0_18] at sun.net.www.protocol.jar.JarURLConnection.getJarFile(JarURLConnection.java:71) [:1.6.0_18] at com.sun.faces.config.AnnotationScanner.processClasspath(AnnotationScanner.java:290) [:2.0.2-FCS] at com.sun.faces.config.AnnotationScanner.getAnnotatedClasses(AnnotationScanner.java:215) [:2.0.2-FCS] at com.sun.faces.config.ConfigManager$AnnotationScanTask.call(ConfigManager.java:765) [:2.0.2-FCS] at com.sun.faces.config.ConfigManager$AnnotationScanTask.call(ConfigManager.java:736) [:2.0.2-FCS] at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:303) [:1.6.0_18] at java.util.concurrent.FutureTask.run(FutureTask.java:138) [:1.6.0_18] at com.sun.faces.config.ConfigManager.initialize(ConfigManager.java:329) [:2.0.2-FCS] at com.sun.faces.config.ConfigureListener.contextInitialized(ConfigureListener.java:223) [:2.0.2-FCS] at org.jboss.web.jsf.integration.config.JBossJSFConfigureListener.contextInitialized(JBossJSFConfigureListener.java:72) [:6.0.0.20100429-M3] at org.apache.catalina.core.StandardContext.contextListenerStart(StandardContext.java:3733) [:6.0.0.20100429-M3] at org.apache.catalina.core.StandardContext.start(StandardContext.java:4197) [:6.0.0.20100429-M3] at org.jboss.web.tomcat.service.deployers.TomcatDeployment.performDeployInternal(TomcatDeployment.java:323) [:6.0.0.20100429-M3] at org.jboss.web.tomcat.service.deployers.TomcatDeployment.performDeploy(TomcatDeployment.java:148) [:6.0.0.20100429-M3] at org.jboss.web.deployers.AbstractWarDeployment.start(AbstractWarDeployment.java:462) [:6.0.0.20100429-M3] at org.jboss.web.deployers.WebModule.startModule(WebModule.java:116) [:6.0.0.20100429-M3] at org.jboss.web.deployers.WebModule.start(WebModule.java:95) [:6.0.0.20100429-M3] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [:1.6.0_18] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) [:1.6.0_18] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) [:1.6.0_18] at java.lang.reflect.Method.invoke(Method.java:597) [:1.6.0_18] at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:157) [:6.0.0.Beta5] at org.jboss.mx.server.Invocation.dispatch(Invocation.java:96) [:6.0.0.Beta5] at org.jboss.mx.server.Invocation.invoke(Invocation.java:88) [:6.0.0.Beta5] at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:271) [:6.0.0.Beta5] at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:670) [:6.0.0.Beta5] at org.jboss.system.microcontainer.ServiceProxy.invoke(ServiceProxy.java:206) [:2.2.0.Alpha9] at $Proxy41.start(Unknown Source) at org.jboss.system.microcontainer.StartStopLifecycleAction.installAction(StartStopLifecycleAction.java:53) [:2.2.0.Alpha9] at org.jboss.system.microcontainer.StartStopLifecycleAction.installAction(StartStopLifecycleAction.java:41) [:2.2.0.Alpha9] at org.jboss.dependency.plugins.action.SimpleControllerContextAction.simpleInstallAction(SimpleControllerContextAction.java:62) [jboss-dependency.jar:2.2.0.Alpha9] at org.jboss.dependency.plugins.action.AccessControllerContextAction.install(AccessControllerContextAction.java:71) [jboss-dependency.jar:2.2.0.Alpha9] at org.jboss.dependency.plugins.AbstractControllerContextActions.install(AbstractControllerContextActions.java:51) [jboss-dependency.jar:2.2.0.Alpha9] at org.jboss.dependency.plugins.AbstractControllerContext.install(AbstractControllerContext.java:377) [jboss-dependency.jar:2.2.0.Alpha9] at org.jboss.system.microcontainer.ServiceControllerContext.install(ServiceControllerContext.java:301) [:2.2.0.Alpha9] at org.jboss.dependency.plugins.AbstractController.install(AbstractController.java:2042) [jboss-dependency.jar:2.2.0.Alpha9] at org.jboss.dependency.plugins.AbstractController.incrementState(AbstractController.java:1081) [jboss-dependency.jar:2.2.0.Alpha9] at org.jboss.dependency.plugins.AbstractController.executeOrIncrementStateDirectly(AbstractController.java:1320) [jboss-dependency.jar:2.2.0.Alpha9] at org.jboss.dependency.plugins.AbstractController.resolveContexts(AbstractController.java:1244) [jboss-dependency.jar:2.2.0.Alpha9] at org.jboss.dependency.plugins.AbstractController.resolveContexts(AbstractController.java:1137) [jboss-dependency.jar:2.2.0.Alpha9] at org.jboss.dependency.plugins.AbstractController.change(AbstractController.java:937) [jboss-dependency.jar:2.2.0.Alpha9] at org.jboss.dependency.plugins.AbstractController.change(AbstractController.java:652) [jboss-dependency.jar:2.2.0.Alpha9] at org.jboss.system.ServiceController.doChange(ServiceController.java:671) [:6.0.0.20100429-M3 (Build SVNTag:JBoss_6.0.0.20100429-M3 date: 20100502)] at org.jboss.system.ServiceController.start(ServiceController.java:443) [:6.0.0.20100429-M3 (Build SVNTag:JBoss_6.0.0.20100429-M3 date: 20100502)] at org.jboss.system.deployers.ServiceDeployer.start(ServiceDeployer.java:189) [:6.0.0.20100429-M3] at org.jboss.system.deployers.ServiceDeployer.deploy(ServiceDeployer.java:102) [:6.0.0.20100429-M3] at org.jboss.system.deployers.ServiceDeployer.deploy(ServiceDeployer.java:49) [:6.0.0.20100429-M3] at org.jboss.deployers.spi.deployer.helpers.AbstractSimpleRealDeployer.internalDeploy(AbstractSimpleRealDeployer.java:62) [:2.2.0.Alpha4] at org.jboss.deployers.spi.deployer.helpers.AbstractRealDeployer.deploy(AbstractRealDeployer.java:55) [:2.2.0.Alpha4] at org.jboss.deployers.plugins.deployers.DeployerWrapper.deploy(DeployerWrapper.java:179) [:2.2.0.Alpha4] at org.jboss.deployers.plugins.deployers.DeployersImpl.doDeploy(DeployersImpl.java:1857) [:2.2.0.Alpha4] at org.jboss.deployers.plugins.deployers.DeployersImpl.doInstallParentFirst(DeployersImpl.java:1575) [:2.2.0.Alpha4] at org.jboss.deployers.plugins.deployers.DeployersImpl.doInstallParentFirst(DeployersImpl.java:1596) [:2.2.0.Alpha4] at org.jboss.deployers.plugins.deployers.DeployersImpl.install(DeployersImpl.java:1516) [:2.2.0.Alpha4] at org.jboss.dependency.plugins.AbstractControllerContext.install(AbstractControllerContext.java:377) [jboss-dependency.jar:2.2.0.Alpha9] at org.jboss.dependency.plugins.AbstractController.install(AbstractController.java:2042) [jboss-dependency.jar:2.2.0.Alpha9] at org.jboss.dependency.plugins.AbstractController.incrementState(AbstractController.java:1081) [jboss-dependency.jar:2.2.0.Alpha9] at org.jboss.dependency.plugins.AbstractController.executeOrIncrementStateDirectly(AbstractController.java:1320) [jboss-dependency.jar:2.2.0.Alpha9] at org.jboss.dependency.plugins.AbstractController.resolveContexts(AbstractController.java:1244) [jboss-dependency.jar:2.2.0.Alpha9] at org.jboss.dependency.plugins.AbstractController.resolveContexts(AbstractController.java:1137) [jboss-dependency.jar:2.2.0.Alpha9] at org.jboss.dependency.plugins.AbstractController.change(AbstractController.java:937) [jboss-dependency.jar:2.2.0.Alpha9] at org.jboss.dependency.plugins.AbstractController.change(AbstractController.java:652) [jboss-dependency.jar:2.2.0.Alpha9] at org.jboss.deployers.plugins.deployers.DeployersImpl.change(DeployersImpl.java:2008) [:2.2.0.Alpha4] at org.jboss.deployers.plugins.deployers.DeployersImpl.process(DeployersImpl.java:1101) [:2.2.0.Alpha4] at org.jboss.deployers.plugins.main.MainDeployerImpl.process(MainDeployerImpl.java:679) [:2.2.0.Alpha4] at org.jboss.system.server.profileservice.repository.MainDeployerAdapter.process(MainDeployerAdapter.java:117) [:6.0.0.20100429-M3] at org.jboss.system.server.profileservice.hotdeploy.HDScanner.scan(HDScanner.java:409) [:6.0.0.20100429-M3] at org.jboss.system.server.profileservice.hotdeploy.HDScanner.run(HDScanner.java:294) [:6.0.0.20100429-M3] at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:441) [:1.6.0_18] at java.util.concurrent.FutureTask$Sync.innerRunAndReset(FutureTask.java:317) [:1.6.0_18] at java.util.concurrent.FutureTask.runAndReset(FutureTask.java:150) [:1.6.0_18] at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$101(ScheduledThreadPoolExecutor.java:98) [:1.6.0_18] at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.runPeriodic(ScheduledThreadPoolExecutor.java:181) [:1.6.0_18] at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:205) [:1.6.0_18] at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886) [:1.6.0_18] at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908) [:1.6.0_18] at java.lang.Thread.run(Thread.java:619) [:1.6.0_18] Might be related to JBAS-7882 issue on M3. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

14 years

1
2
0 / 0

[JBoss JIRA] Created: (JBPORTAL-2477) eXoGadgetServer/gadgets/proxy Provides Access to protected network resources

by Ian De Villiers (JIRA)

eXoGadgetServer/gadgets/proxy Provides Access to protected network resources ---------------------------------------------------------------------------- Key: JBPORTAL-2477 URL: https://jira.jboss.org/jira/browse/JBPORTAL-2477 Project: JBoss Portal Issue Type: Bug Security Level: Public (Everyone can see) Components: Portal Security Affects Versions: 3.0 Final Environment: Tested on a number of different platforms Reporter: Ian De Villiers Fix For: 3.0 Final As per e-mail originally detailing issues with GateIn3.0.0-Beta2 sent to Thomas Heute on 16th November, 2009. When gadgets are added to the dashboard, the /eXoGadgetServer/gadgets/proxy component loads resources such as images from the portal server using the url specified by the url parameter. However, no validation checking is performed on the URL field, making it possible to access resources on alternate HTTP ports or alternate servers. Numerous similar issues exist within other portal applications. BEA Weblogics (now Oracle) and Vignette Portal have also been found to be vulnerable to similar issues in the past. However, in the case of these portal systems, these requests are only allowed to be made to hosts defined within the same scope as the originating server. Additionally (although this is configurable), the majority of these portlets can only be exploited by authenticated users. In the case of GateIn Portal, an unauthenticated user can make a request to any third-party system (or port) by tampering with the url parameter. This may result in an attacker initiating attacks against third-party systems, or accessing resources which would otherwise be protected. For example, assuming the GateIn Portal is exposed to the Internet. The J2EE application server has been configured to serve portal content on port 80, and the J2EE administrative components are only available on port 8080. Inbound traffic desitned to port 8080 from the Internet is restricted by the firewall. An attacker would be able to access the J2EE administrative components by requesting the following URL: http://VulnerableHost:80/eXoGadgetServer/gadgets/proxy?url=http%3A%2F%2F1... I've been researching these specific vulnerabilities in portal environments for a while now, and have authored a toolset specifically designed at exploiting these vulnerabilities in order to gain access to protected network resources. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

14 years

1
0
0 / 0

[JBoss JIRA] Created: (EJBTHREE-2091) Singleton EJBs do not honor @LocalBinding

by Andrew Lee Rubinger (JIRA)

Singleton EJBs do not honor @LocalBinding ----------------------------------------- Key: EJBTHREE-2091 URL: https://jira.jboss.org/jira/browse/EJBTHREE-2091 Project: EJB 3.0 Issue Type: Bug Components: singleton Affects Versions: EJB3_1 1.0.7 Reporter: Andrew Lee Rubinger Assignee: jaikiran pai Given bean implementation class: @Singleton @Startup @Local(DbInitializerLocalBusiness.class) @LocalBinding(jndiBinding = DbInitializerLocalBusiness.JNDI_NAME) // JBoss-specific JNDI Binding annotation @TransactionManagement(TransactionManagementType.BEAN) // We'll use bean-managed Tx's here, because @PostConstruct is fired in a // non-transactional context anyway, and we want to have consistent // handling when we call via "refreshWithDefaultData". public class DbInitializerBean implements DbInitializerLocalBusiness Global JNDI reports: +- DbInitializer (proxy: $Proxy143 implements interface org.jboss.ejb3.examples.chxx.transactions.ejb.DbInitializerLocalBusiness) Additionally, we're missing INFO logging about where the proxies are bound. This warning is also present: 18:35:11,166 WARN [org.jboss.ejb3.session.SessionContainer] No JndiSessionRegistrarBase was found; byassing binding of Proxies to jboss.j2ee:service=EJB3,name=DbInitializerBean in Global JNDI. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

14 years

2
2
0 / 0

[JBoss JIRA] Created: (JBMESSAGING-1806) Suckerpassword should not be in clear text form

by Howard Gao (JIRA)

Suckerpassword should not be in clear text form ----------------------------------------------- Key: JBMESSAGING-1806 URL: https://jira.jboss.org/jira/browse/JBMESSAGING-1806 Project: JBoss Messaging Issue Type: Feature Request Components: JMS Clustering Affects Versions: 1.4.6.GA.SP1 Reporter: Howard Gao Assignee: Howard Gao Fix For: 1.4.0.SP3.CP11, 1.4.7.GA Sucker's password is stored in clear text so far. We need to mask it to make it harder to read for security concerns. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

14 years

1
1
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira May 2010