May 2011 - jboss-jira - Jboss List Archives

[JBoss JIRA] Created: (AS7-763) Add operations for security domains

by Marcus Moyses (JIRA)

Add operations for security domains ----------------------------------- Key: AS7-763 URL: https://issues.jboss.org/browse/AS7-763 Project: Application Server 7 Issue Type: Feature Request Components: Security Affects Versions: 7.0.0.Beta3 Reporter: Marcus Moyses Assignee: Marcus Moyses Fix For: 7.0.0.CR1 We need some operations included for the domain model security domain elements. We already have an operation to add new security domains. -- This message is automatically generated by JIRA. For more information on JIRA, see: http://www.atlassian.com/software/jira

15 years, 1 month

1
2
0 / 0

[JBoss JIRA] Created: (JBAS-9208) Add authentication cache for standalone server

by Marcus Moyses (JIRA)

Add authentication cache for standalone server ---------------------------------------------- Key: JBAS-9208 URL: https://issues.jboss.org/browse/JBAS-9208 Project: JBoss Application Server Issue Type: Feature Request Security Level: Public (Everyone can see) Components: Security Affects Versions: 7.0.0.Beta1 Reporter: Marcus Moyses Assignee: Marcus Moyses Fix For: 7.0.0.Beta2 Add authentication cache for standalone server to replicate functionality that existed in previous versions. -- This message is automatically generated by JIRA. For more information on JIRA, see: http://www.atlassian.com/software/jira

15 years, 1 month

2
6
0 / 0

[JBoss JIRA] Created: (AS7-733) Provide complete set of supported OSGi functionality as AS test cases

by Thomas Diesler (JIRA)

Provide complete set of supported OSGi functionality as AS test cases --------------------------------------------------------------------- Key: AS7-733 URL: https://issues.jboss.org/browse/AS7-733 Project: Application Server 7 Issue Type: Task Reporter: Thomas Diesler Assignee: Thomas Diesler Fix For: 7.0.0.CR1 A large portion of supported OSGi functionality (including Enterprise OSGi functionality) is covered outside the AS7 code base. In the past this had led to "last minute" breakage of OSGi functionality. High level OSGi functional/integration tests should be part of the AS7 code base to avoid that. -- This message is automatically generated by JIRA. For more information on JIRA, see: http://www.atlassian.com/software/jira

15 years, 1 month

1
1
0 / 0

[JBoss JIRA] Created: (JBMESSAGING-1863) Adding more unit tests

by Yong Hao Gao (JIRA)

Adding more unit tests ---------------------- Key: JBMESSAGING-1863 URL: https://issues.jboss.org/browse/JBMESSAGING-1863 Project: JBoss Messaging Issue Type: Quality Risk Reporter: Yong Hao Gao Assignee: Yong Hao Gao In messaging-service.xml, the following attributes were found not tested, it's possible to add them to unit test: 1 EnableMessageCounters Set this to true to enable message counters when the server starts This is used to turn on some of ServerPeer's mbean opeartions: getMessageCounters getMessageStatistics getDefaultMessageCounterHistoryDayLimit 2 Destinations Returns a list of the destinations (queues and topics) currently deployed. -- This message is automatically generated by JIRA. For more information on JIRA, see: http://www.atlassian.com/software/jira

15 years, 1 month

1
0
0 / 0

[JBoss JIRA] Created: (AS7-749) Expose useSynchronization from infinispan subsystem schema

by Paul Ferraro (JIRA)

Expose useSynchronization from infinispan subsystem schema ---------------------------------------------------------- Key: AS7-749 URL: https://issues.jboss.org/browse/AS7-749 Project: Application Server 7 Issue Type: Enhancement Components: Clustering Affects Versions: 7.0.0.Beta3 Reporter: Paul Ferraro Assignee: Paul Ferraro Fix For: 7.0.0.CR1 By default, useSynchronization should be true. Add schema option to disable. -- This message is automatically generated by JIRA. For more information on JIRA, see: http://www.atlassian.com/software/jira

15 years, 1 month

1
2
0 / 0

[JBoss JIRA] Created: (SECURITY-591) Single security domain with DatabaseSourceLoginModule and DatabaseCertLoginModule only works if allowUnsafeLegacyRenegotiation="true"

by Justin Cranford (JIRA)

Single security domain with DatabaseSourceLoginModule and DatabaseCertLoginModule only works if allowUnsafeLegacyRenegotiation="true" ------------------------------------------------------------------------------------------------------------------------------------- Key: SECURITY-591 URL: https://issues.jboss.org/browse/SECURITY-591 Project: PicketBox (JBoss Security and Identity Management) Issue Type: Bug Security Level: Public (Everyone can see) Components: JBossSX Affects Versions: PicketBox_v3_0_CR2 Environment: Windows 7 Enterprise x64 Eclipse EE 3.6.2 Oracle JDK 6u24 JBoss 6.0 AS Final (PicketBox 3.0.0CR2) SQL Server Express 2008 R2 x64 Reporter: Justin Cranford Assignee: Anil Saldhana I am blocked by broken functionality in JBossSX login modules. The functionality is broken because SSL renegotiation is disabled. Disabling SSL renegotiation is valid, but is it possible to fix or workaround the login module issue without enabling SSL renegotiation? - I posed this question on the PicketBox forum, but perhaps it belongs here instead. http://community.jboss.org/message/604544#604544 - I get similar exceptions in Resteasy as what this person reported in SOAP. https://issues.jboss.org/browse/JBPAPP-3889 - The original issue to disable SSl renegotiation by default is tracked by this issue, and it mentions how functionality might break. However, there is no mention of potential workarounds or fixes. https://issues.jboss.org/browse/JBPAPP-3845 My requirements are to support Resteasy web access over HTTPS using one of 2 authentication methods. For localhost access, user/pass authentication is sufficient. For remote access, X.509 client cert authentication is required. To implement these requirements, I deployed two nearly identical Resteasy web apps. The only differences are the context path in jboss-web.xml, and <auth-constraint> and <auth-method> in web.xml. 1) localhost HTTPS web app => username/password (LocalAdmin role only) <login-config><auth-method>BASIC</auth-method><realm-name>JustinCranfordSecurityDomain</realm-name></login-config> <security-role><role-name>LocalAdmin</role-name></security-role> 2) remote HTTPS => x.509 client cert (RemoteAdmin role only) <login-config><auth-method>CLIENT-CERT</auth-method><realm-name>JustinCranfordSecurityDomain</realm-name></login-config> <security-role><role-name>RemoteAdmin</role-name></security-role> Both web apps are wrappers for the same EJB3 code, so I am forced to combine DatabaseServerLoginModule and DatabaseCertLoginModule into the same <application-policy> in login-config.xml. <application-policy name="JustinCranfordSecurityDomain"> <authentication> <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="sufficient"> <module-option name="dsJndiName">java:/JustinCranfordDataSource</module-option> <module-option name="principalsQuery">SELECT password FROM actor WHERE name=?</module-option> <module-option name="rolesQuery">SELECT r.name,'Roles' FROM actor a,role r WHERE r.id=a.roleid AND a.name=?</module-option> <module-option name="hashAlgorithm">MD5</module-option> <module-option name="hashEncoding">base64</module-option> <module-option name="unauthenticatedIdentity">unauthenticated</module-option> </login-module> <login-module code="org.jboss.security.auth.spi.DatabaseCertLoginModule" flag="required"> <module-option name="securityDomain">java:/jaas/JustinCranfordSecurityDomain</module-option> <module-option name="dsJndiName">java:/JustinCranfordDataSource</module-option> <module-option name="principalsQuery">SELECT password FROM actor WHERE dname=?</module-option> <module-option name="rolesQuery">SELECT r.name,'Roles' FROM actor a,role r WHERE r.id=a.roleid AND a.dname=?</module-option> <module-option name="hashAlgorithm">MD5</module-option> <module-option name="hashEncoding">base64</module-option> <module-option name="unauthenticatedIdentity">unauthenticated</module-option> </login-module> <login-module code="org.jboss.security.ClientLoginModule" flag="required"></login-module> </authentication> </application-policy> DatabaseCertLoginModule only works if my web app turns on SSL renegotiation in server.xml via the allowUnsafeLegacyRenegotiation="true" attribute. If turned off, I get SSL renegotiation disabled messages in JBossSX login modules. However, DatabaseCertLoginModule says the user is authenticated, and I see "Successfully passed all security constraints". Unfortunately JBossWebRealm then throws an exception "Security Context has not been set", control passes to Resteasy, and then "jboss.web" container throws an exception "Exception getting SSL attributes: java.net.SocketException: Socket Closed" and "No certificates included with this request". At the very least, JBossSX should handle these problems more gracefully. SSL renegotiation is disabled by default after all. Is is possible to fix these issues in JBossSX? Are there any workarounds in the meantime? -- This message is automatically generated by JIRA. For more information on JIRA, see: http://www.atlassian.com/software/jira

15 years, 1 month

1
1
0 / 0

[JBoss JIRA] Created: (JBRULES-3020) droolsjbpm-integration example does not compile in Eclipse

by Jervis Liu (JIRA)

droolsjbpm-integration example does not compile in Eclipse ---------------------------------------------------------- Key: JBRULES-3020 URL: https://issues.jboss.org/browse/JBRULES-3020 Project: Drools Issue Type: Bug Security Level: Public (Everyone can see) Affects Versions: 5.2.0.M2 Reporter: Jervis Liu Assignee: Mark Proctor Priority: Critical Fix For: 5.2.0.CR1 droolsjbpm-integration example does not compile in Eclipse. How to reproduce: 1. download droolsjbpm-integration distribution from https://hudson.qa.jboss.com/hudson/view/Drools%20jBPM/job/droolsjbpm-inte... 2. build examples using the pom provided: mvn eclipse:eclipse 3. Import project into Eclipse 4. There are 323 errors in Eclipse -- This message is automatically generated by JIRA. For more information on JIRA, see: http://www.atlassian.com/software/jira

15 years, 1 month

2
5
0 / 0

[JBoss JIRA] Created: (JBRULES-3016) The screen shot in "Drools Expert User Guide" section 8.3 is out-of-date.

by Jervis Liu (JIRA)

The screen shot in "Drools Expert User Guide" section 8.3 is out-of-date. -------------------------------------------------------------------------- Key: JBRULES-3016 URL: https://issues.jboss.org/browse/JBRULES-3016 Project: Drools Issue Type: Bug Security Level: Public (Everyone can see) Affects Versions: 5.2.0.M2 Reporter: Jervis Liu Assignee: Mark Proctor Fix For: 5.2.0.CR1 The screen shot in "Drools Expert User Guide" section 8.3 is out-of-date. Attached is the screen shot from the latest version. -- This message is automatically generated by JIRA. For more information on JIRA, see: http://www.atlassian.com/software/jira

15 years, 1 month

2
3
0 / 0

[JBoss JIRA] Created: (JBRULES-3015) Please update "Drools Expert User Guide" Chapter 8. The Rule IDE (Eclipse), to doc how to add a new Drools runtime.

by Jervis Liu (JIRA)

Please update "Drools Expert User Guide" Chapter 8. The Rule IDE (Eclipse), to doc how to add a new Drools runtime. -------------------------------------------------------------------------------------------------------------------- Key: JBRULES-3015 URL: https://issues.jboss.org/browse/JBRULES-3015 Project: Drools Issue Type: Enhancement Security Level: Public (Everyone can see) Components: drools-docs Affects Versions: 5.2.0.M2 Reporter: Jervis Liu Assignee: Mark Proctor Fix For: 5.2.0.CR1 Please update "Drools Expert User Guide" Chapter 8. The Rule IDE (Eclipse), to doc how to add a new Drools runtime. This can be confusing for new users. -- This message is automatically generated by JIRA. For more information on JIRA, see: http://www.atlassian.com/software/jira

15 years, 1 month

2
3
0 / 0

[JBoss JIRA] Created: (AS7-673) Intermittent smoke test failures in embedded.osgi package

by Brian Stansberry (JIRA)

Intermittent smoke test failures in embedded.osgi package --------------------------------------------------------- Key: AS7-673 URL: https://issues.jboss.org/browse/AS7-673 Project: Application Server 7 Issue Type: Bug Components: OSGi Reporter: Brian Stansberry Assignee: Jason Greene Scott Marlow and I seeing intermittent failures in the smoke tests in the embedded.osgi package: SimpleDeploymentProviderTestCase or SimpleArchiveDeployerTestCase. I'll attach representative test output. -- This message is automatically generated by JIRA. For more information on JIRA, see: http://www.atlassian.com/software/jira

15 years, 1 month

2
4
0 / 0

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira May 2011