January 2011 - jboss-jira - Jboss List Archives

[JBoss JIRA] Created: (SECURITY-352) Cache Server Subject

by Darran Lofthouse (JIRA)

Cache Server Subject -------------------- Key: SECURITY-352 URL: https://jira.jboss.org/jira/browse/SECURITY-352 Project: JBoss Security and Identity Management Issue Type: Feature Request Security Level: Public (Everyone can see) Components: Negotiation Reporter: Darran Lofthouse Assignee: Darran Lofthouse Fix For: Negotiation_2.0.4.GA Each authentication process currently has 3 AS-REQ requests (6 if pre-auth is an issue) One request for each of the SPNEGO round trips and then one request for the LDAP search. Attempts to make use of a local ticket cache failed: -  As the keytab had not been read it meant that the requirements for storeKey were not met, this is needed for SPNEGO. <module-option name="storeKey">true</module-option> A mechanism to cache the server subject is needed. The expiration time of the ticket can be obtained to decide how long to cache the ticket for: - Set<Object> privateCredentials = serverSubject.getPrivateCredentials(); for (Object current : privateCredentials) { if (current instanceof KerberosTicket) { KerberosTicket ticket = (KerberosTicket) current; System.out.println(ticket.getEndTime()); } } -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

12 years, 1 month

1
4
0 / 0

[JBoss JIRA] Created: (SECURITY-357) Add Active Directory Debugging to User Guide

by Darran Lofthouse (JIRA)

Add Active Directory Debugging to User Guide -------------------------------------------- Key: SECURITY-357 URL: https://jira.jboss.org/jira/browse/SECURITY-357 Project: JBoss Security and Identity Management Issue Type: Task Security Level: Public (Everyone can see) Components: Negotiation Affects Versions: Negotiation_2.0.3.GA Reporter: Darran Lofthouse Assignee: Darran Lofthouse Fix For: Negotiation_2.0.4.GA Reference the following article which describes how to add additional event logging: - http://support.microsoft.com/default.aspx?scid=kb;en-us;314980&sd=tech -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

12 years, 1 month

1
5
0 / 0

[JBoss JIRA] Created: (SECURITY-538) Document the AdvancedADLoginModule

by Darran Lofthouse (JIRA)

Document the AdvancedADLoginModule ---------------------------------- Key: SECURITY-538 URL: https://jira.jboss.org/browse/SECURITY-538 Project: PicketBox (JBoss Security and Identity Management) Issue Type: Task Security Level: Public (Everyone can see) Reporter: Darran Lofthouse Assignee: Darran Lofthouse Fix For: Negotiation_2.0.3.SP4 , Negotiation_2.0.4.GA The AdvancedADLoginModule was added to allow the users primary group to be identified, documentation needs to be added on the use of this login module. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

12 years, 1 month

1
4
0 / 0

[JBoss JIRA] Created: (SECURITY-473) Add documentation for IBM JRE

by Darran Lofthouse (JIRA)

Add documentation for IBM JRE ----------------------------- Key: SECURITY-473 URL: https://jira.jboss.org/jira/browse/SECURITY-473 Project: PicketBox (JBoss Security and Identity Management) Issue Type: Task Security Level: Public (Everyone can see) Components: Documentation, Negotiation Affects Versions: Negotiation_2.0.3.SP2 Reporter: Darran Lofthouse Assignee: Darran Lofthouse Fix For: Negotiation_2.0.3.SP3, Negotiation_2.0.4.GA Add documentation for IBM JRE http://publib.boulder.ibm.com/infocenter/iseries/v5r3/index.jsp?topic=/rz... http://www.ibm.com/developerworks/java/jdk/security/50/secguides/jgssDocs... Example: - <application-policy name="host-ibm"> <authentication> <login-module code="com.ibm.security.auth.module.Krb5LoginModule" flag="required"> <module-option name="useKeytab">file:///home/darranl/src/negotiation-as/jboss-5.1.0.GA-vm137/bin/service.keytab</module-option> <module-option name="principal">host/testserver(a)VM137DOMAIN.GSSLAB</module-option> <module-option name="credsType">both</module-option> <module-option name="debug">false</module-option> </login-module> </authentication> </application-policy> Also see JBAS-4969 the property jboss.security.disable.secdomain.option=true needs to be set. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

12 years, 1 month

1
6
0 / 0

[JBoss JIRA] Created: (SECURITY-457) User guide builds incorrectly using Java 6

by Darran Lofthouse (JIRA)

User guide builds incorrectly using Java 6 ------------------------------------------ Key: SECURITY-457 URL: https://jira.jboss.org/jira/browse/SECURITY-457 Project: JBoss Security and Identity Management Issue Type: Bug Security Level: Public (Everyone can see) Components: Negotiation Affects Versions: Negotiation_2.0.3.SP2 Reporter: Darran Lofthouse Assignee: Darran Lofthouse Fix For: Negotiation_2.0.4.GA The user guide builds incorrectly running Java 6, however Java 5 still works as expected. Suspect XML parsing differences, documentation should be updated to work with Java 6. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

12 years, 1 month

1
4
0 / 0

[JBoss JIRA] Created: (JBRULES-1471) Accumulate should not call getResult() more then necessary

by Geoffrey De Smet (JIRA)

Accumulate should not call getResult() more then necessary ---------------------------------------------------------- Key: JBRULES-1471 URL: http://jira.jboss.com/jira/browse/JBRULES-1471 Project: JBoss Drools Issue Type: Task Security Level: Public (Everyone can see) Components: Reteoo Reporter: Geoffrey De Smet Assigned To: Edson Tirelli Fix For: 5.0.0-M1 For this rule: rule "roomCapacityTooSmall" // TODO it takes 50-90% of the performance of drools-solver when $period : Period(); $room : Room($capacity : capacity); $totalStudentSize : Number(intValue > $capacity) from accumulate( Exam(period == $period, room == $room, $studentSize : topicStudentSize), sum($studentSize) ); ... end Outside drl, I update 2 out of 700 Exam objects and call fireAllRulesAndCalculateDecisionScore. The drl never changes an Exam. Period and Room never change. That results into this log: Breakpoint reached at org.drools.solver.core.evaluation.EvaluationHandler.fireAllRulesAndCalculateDecisionScore(EvaluationHandler.java:90) Breakpoint reached at org.drools.base.accumulators.SumAccumulateFunction.reverse(SumAccumulateFunction.java:62) Breakpoint reached at org.drools.base.accumulators.SumAccumulateFunction.getResult(SumAccumulateFunction.java:70) Breakpoint reached at org.drools.base.accumulators.SumAccumulateFunction.accumulate(SumAccumulateFunction.java:53) Breakpoint reached at org.drools.base.accumulators.SumAccumulateFunction.getResult(SumAccumulateFunction.java:70) Breakpoint reached at org.drools.base.accumulators.SumAccumulateFunction.reverse(SumAccumulateFunction.java:62) Breakpoint reached at org.drools.base.accumulators.SumAccumulateFunction.getResult(SumAccumulateFunction.java:70) Breakpoint reached at org.drools.base.accumulators.SumAccumulateFunction.accumulate(SumAccumulateFunction.java:53) Breakpoint reached at org.drools.base.accumulators.SumAccumulateFunction.getResult(SumAccumulateFunction.java:70) Breakpoint reached at org.drools.base.accumulators.SumAccumulateFunction.reverse(SumAccumulateFunction.java:62) Breakpoint reached at org.drools.base.accumulators.SumAccumulateFunction.getResult(SumAccumulateFunction.java:70) Breakpoint reached at org.drools.base.accumulators.SumAccumulateFunction.accumulate(SumAccumulateFunction.java:53) Breakpoint reached at org.drools.base.accumulators.SumAccumulateFunction.getResult(SumAccumulateFunction.java:70) Breakpoint reached at org.drools.base.accumulators.SumAccumulateFunction.reverse(SumAccumulateFunction.java:62) Breakpoint reached at org.drools.base.accumulators.SumAccumulateFunction.getResult(SumAccumulateFunction.java:70) Breakpoint reached at org.drools.base.accumulators.SumAccumulateFunction.accumulate(SumAccumulateFunction.java:53) Breakpoint reached at org.drools.base.accumulators.SumAccumulateFunction.getResult(SumAccumulateFunction.java:70) There are 4 accumulate calls and 4 reverse calls. That might be accurate. There are 8 getResult calls, that should only be 1. Also, the getResult method creates a new Double instance each time: return new Double( data.total ); It might be better to do return Double.valueOf(data.total); to allow the JVM to hot spot optimize it. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

12 years, 2 months

6
20
0 / 0

[JBoss JIRA] Created: (JBRULES-946) RuleBase serialization fails with StackOverflowError

by Alexandre Gattiker (JIRA)

RuleBase serialization fails with StackOverflowError ---------------------------------------------------- Key: JBRULES-946 URL: http://jira.jboss.com/jira/browse/JBRULES-946 Project: JBoss Rules Issue Type: Bug Security Level: Public (Everyone can see) Affects Versions: 4.0.0.MR2 Reporter: Alexandre Gattiker Assigned To: Mark Proctor I created 920 rules, all in this format, with different values in the string literals. rule "Rule_1" when $g:Parent() $c:Child(parent==$g,code=="yyy1") Item(parentObject==$c,name=="xxx1", value == "1") Item(parentObject==$c,name=="xxx2",value == "1") Item(parentObject==$g,name=="xxx3",value == "200") then System.out.println("2"); end With the following code, I create a RuleBase that I serialize. RuleBase ruleBase = RuleBaseFactory.newRuleBase(); PackageBuilderConfiguration conf = new PackageBuilderConfiguration(); conf.setCompiler(PackageBuilderConfiguration.JANINO); Reader source = new InputStreamReader(PolicyServiceImpl.class.getResourceAsStream(fileName)); PackageBuilder builder = new PackageBuilder(conf); builder.addPackageFromDrl(source); Package pkg = builder.getPackage(); ruleBase.addPackage(pkg); //serialize RuleBase File outFile = new File(f.getPath() + ".tmp"); FileOutputStream fout = new FileOutputStream(outFile); ObjectOutputStream oos = new ObjectOutputStream(fout); oos.writeObject(ruleBase); oos.close(); The serialization fails with the following exception. Otherwise the RuleBase is perfectly fine and working. java.lang.StackOverflowError at java.io.ByteArrayOutputStream.write(ByteArrayOutputStream.java(Compiled Code)) at java.io.ObjectOutputStream$BlockDataOutputStream.write(ObjectOutputStream.java(Compiled Code)) at java.io.ObjectOutputStream.defaultWriteFields(ObjectOutputStream.java(Compiled Code)) at java.io.ObjectOutputStream.defaultWriteObject(ObjectOutputStream.java(Compiled Code)) at java.util.ArrayList.writeObject(ArrayList.java(Compiled Code)) at sun.reflect.GeneratedMethodAccessor16.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java(Compiled Code)) at java.lang.reflect.Method.invoke(Method.java(Compiled Code)) at java.io.ObjectStreamClass.invokeWriteObject(ObjectStreamClass.java(Compiled Code)) at java.io.ObjectOutputStream.writeSerialData(ObjectOutputStream.java(Compiled Code)) at java.io.ObjectOutputStream.writeOrdinaryObject(ObjectOutputStream.java(Compiled Code)) at java.io.ObjectOutputStream.writeObject0(ObjectOutputStream.java(Compiled Code)) at java.io.ObjectOutputStream.defaultWriteFields(ObjectOutputStream.java(Inlined Compiled Code)) at java.io.ObjectOutputStream.writeSerialData(ObjectOutputStream.java(Compiled Code)) at java.io.ObjectOutputStream.writeOrdinaryObject(ObjectOutputStream.java(Compiled Code)) at java.io.ObjectOutputStream.writeObject0(ObjectOutputStream.java(Compiled Code)) at java.io.ObjectOutputStream.defaultWriteFields(ObjectOutputStream.java(Inlined Compiled Code)) at java.io.ObjectOutputStream.writeSerialData(ObjectOutputStream.java(Compiled Code)) at java.io.ObjectOutputStream.writeOrdinaryObject(ObjectOutputStream.java(Compiled Code)) at java.io.ObjectOutputStream.writeObject0(ObjectOutputStream.java(Compiled Code)) at java.io.ObjectOutputStream.defaultWriteFields(ObjectOutputStream.java(Inlined Compiled Code)) at java.io.ObjectOutputStream.writeSerialData(ObjectOutputStream.java(Compiled Code)) at java.io.ObjectOutputStream.writeOrdinaryObject(ObjectOutputStream.java(Compiled Code)) at java.io.ObjectOutputStream.writeObject0(ObjectOutputStream.java(Compiled Code)) at java.io.ObjectOutputStream.defaultWriteFields(ObjectOutputStream.java(Inlined Compiled Code)) at java.io.ObjectOutputStream.writeSerialData(ObjectOutputStream.java(Compiled Code)) at java.io.ObjectOutputStream.writeOrdinaryObject(ObjectOutputStream.java(Compiled Code)) at java.io.ObjectOutputStream.writeObject0(ObjectOutputStream.java(Compiled Code)) at java.io.ObjectOutputStream.defaultWriteFields(ObjectOutputStream.java(Inlined Compiled Code)) at java.io.ObjectOutputStream.writeSerialData(ObjectOutputStream.java(Compiled Code)) at java.io.ObjectOutputStream.writeOrdinaryObject(ObjectOutputStream.java(Compiled Code)) at java.io.ObjectOutputStream.writeObject0(ObjectOutputStream.java(Compiled Code)) at java.io.ObjectOutputStream.writeObject(ObjectOutputStream.java(Inlined Compiled Code)) at java.util.ArrayList.writeObject(ArrayList.java(Compiled Code)) at sun.reflect.GeneratedMethodAccessor16.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java(Compiled Code)) at java.lang.reflect.Method.invoke(Method.java(Compiled Code)) at java.io.ObjectStreamClass.invokeWriteObject(ObjectStreamClass.java(Compiled Code)) at java.io.ObjectOutputStream.writeSerialData(ObjectOutputStream.java(Compiled Code)) at java.io.ObjectOutputStream.writeOrdinaryObject(ObjectOutputStream.java(Compiled Code)) at java.io.ObjectOutputStream.writeObject0(ObjectOutputStream.java(Compiled Code)) at java.io.ObjectOutputStream.defaultWriteFields(ObjectOutputStream.java(Inlined Compiled Code)) at java.io.ObjectOutputStream.writeSerialData(ObjectOutputStream.java(Compiled Code)) at java.io.ObjectOutputStream.writeOrdinaryObject(ObjectOutputStream.java(Compiled Code)) at java.io.ObjectOutputStream.writeObject0(ObjectOutputStream.java(Compiled Code)) at java.io.ObjectOutputStream.defaultWriteFields(ObjectOutputStream.java(Inlined Compiled Code)) at java.io.ObjectOutputStream.writeSerialData(ObjectOutputStream.java(Compiled Code)) at java.io.ObjectOutputStream.writeOrdinaryObject(ObjectOutputStream.java(Compiled Code)) at java.io.ObjectOutputStream.writeObject0(ObjectOutputStream.java(Compiled Code)) at java.io.ObjectOutputStream.defaultWriteFields(ObjectOutputStream.java(Inlined Compiled Code)) at java.io.ObjectOutputStream.writeSerialData(ObjectOutputStream.java(Compiled Code)) at java.io.ObjectOutputStream.writeOrdinaryObject(ObjectOutputStream.java(Compiled Code)) at java.io.ObjectOutputStream.writeObject0(ObjectOutputStream.java(Compiled Code)) at java.io.ObjectOutputStream.defaultWriteFields(ObjectOutputStream.java(Inlined Compiled Code)) at java.io.ObjectOutputStream.writeSerialData(ObjectOutputStream.java(Compiled Code)) at java.io.ObjectOutputStream.writeOrdinaryObject(ObjectOutputStream.java(Compiled Code)) at java.io.ObjectOutputStream.writeObject0(ObjectOutputStream.java(Compiled Code)) at java.io.ObjectOutputStream.defaultWriteFields(ObjectOutputStream.java(Inlined Compiled Code)) at java.io.ObjectOutputStream.writeSerialData(ObjectOutputStream.java(Compiled Code)) at java.io.ObjectOutputStream.writeOrdinaryObject(ObjectOutputStream.java(Compiled Code)) at java.io.ObjectOutputStream.writeObject0(ObjectOutputStream.java(Compiled Code)) at java.io.ObjectOutputStream.writeObject(ObjectOutputStream.java(Inlined Compiled Code)) at java.util.ArrayList.writeObject(ArrayList.java(Compiled Code)) at sun.reflect.GeneratedMethodAccessor16.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java(Compiled Code)) at java.lang.reflect.Method.invoke(Method.java(Compiled Code)) at java.io.ObjectStreamClass.invokeWriteObject(ObjectStreamClass.java(Compiled Code)) at java.io.ObjectOutputStream.writeSerialData(ObjectOutputStream.java(Compiled Code)) at java.io.ObjectOutputStream.writeOrdinaryObject(ObjectOutputStream.java(Compiled Code)) at java.io.ObjectOutputStream.writeObject0(ObjectOutputStream.java(Compiled Code)) at java.io.ObjectOutputStream.defaultWriteFields(ObjectOutputStream.java(Inlined Compiled Code)) (last four lines repeated over 1000 times) -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

12 years, 2 months

7
19
0 / 0

[JBoss JIRA] Created: (JBRULES-1347) BRDRLPersistence to render using modify keyword

by Michael Neale (JIRA)

BRDRLPersistence to render using modify keyword ----------------------------------------------- Key: JBRULES-1347 URL: http://jira.jboss.com/jira/browse/JBRULES-1347 Project: JBoss Drools Issue Type: Feature Request Security Level: Public (Everyone can see) Components: Drl Parser/Builder Affects Versions: 4.0.3 Reporter: Michael Neale Assigned To: Edson Tirelli Fix For: 4.1.0 Would be nice ot have DRL rendered using the modify construct in MVEL (not sure of the correct form) - if you (edson) think this is a good idea? For efficiency. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

12 years, 2 months

7
19
0 / 0

[JBoss JIRA] Created: (JBRULES-1788) Clone rule parts when adding to Rete

by Mark Proctor (JIRA)

Clone rule parts when adding to Rete ------------------------------------ Key: JBRULES-1788 URL: https://jira.jboss.org/jira/browse/JBRULES-1788 Project: JBoss Drools Issue Type: Bug Security Level: Public (Everyone can see) Reporter: Mark Proctor Assignee: Mark Proctor When a Rule is added we want to clone any parts that are added to the ReteOO, so that we can then just discard the Rule itself and the contents to save space. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

12 years, 2 months

6
18
0 / 0

[JBoss JIRA] Created: (JBRULES-2020) red-on-black code snippets in PDF

by Wolfgang Laun (JIRA)

red-on-black code snippets in PDF --------------------------------- Key: JBRULES-2020 URL: https://jira.jboss.org/jira/browse/JBRULES-2020 Project: JBoss Drools Issue Type: Quality Risk Security Level: Public (Everyone can see) Components: drools-docs Affects Versions: 5.0.0.CR1 Environment: n/a Reporter: Wolfgang Laun Assignee: Mark Proctor Priority: Critical Fix For: 5.0.0.CR1 In the PDF version of the docs, code snippets appear in red print on black backround. Headache tablets cost money. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

12 years, 2 months

6
26
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira January 2011