January 2012 - jboss-jira - Jboss List Archives

[JBoss JIRA] (AS7-3464) add-user.sh - possibility of setting another Realms should be considered again

by Rajesh Rajasekaran (JIRA)

[ https://issues.jboss.org/browse/AS7-3464?page=com.atlassian.jira.plugin.s... ] Rajesh Rajasekaran updated AS7-3464: ------------------------------------ Priority: Minor (was: Critical) add-user.sh is just to get the user quickly started with the admin console. Adding new security realms would be managed by the admin console or CLI. The UI installer for EAP6 will bypass the add-user script and provide functionality in the installer for adding user. > add-user.sh - possibility of setting another Realms should be considered again > ------------------------------------------------------------------------------ > > Key: AS7-3464 > URL: https://issues.jboss.org/browse/AS7-3464 > Project: Application Server 7 > Issue Type: Bug > Components: Security > Affects Versions: 7.1.0.CR1b > Reporter: Pavel Janousek > Assignee: Anil Saldhana > Priority: Minor > > I'm aware of add-user.sh isn't general tool for managing an user/groups/roles credential store at all. Is it supposed only as shorthand for quick definition of users access to admin console out of the box. Well.. > According previous paragraph it isn't to much meaningful for me to bring possibility of specify another realm during the invocation of this tool. I think already - Admin console can use another realm than ManagementRealm by change default configuration. I think already too - property file can't contain users definition belong multiple realms. As is stated in comment in the begin of file mgmt-users.properties, this file is for "declaration of users for the realm 'ManagementRealm'". > I think we should avoid to insert new user with different realm there (it is possible now). add-user.sh doesn't manage any other file and other property file(s) can't be specified during invocation. > I think this present situation/behavior should confuse hard our end-users - especially users with their own experiences with other JEE servers (Apache Geronimo, Sun/Oracle GlassFish etc.). > Because we don't provide/support any tool for general CRUD managing of credential store of type like property file(s) - like other JEE app. servers do, we really should use this script/tool only as way to simple very basic user creation in default AS7 environment, because we can't support this tool in any other situation with present behavior and in a such changed environments behavior or final state is hardly understandable (if we create property file (by other way) with the same username, but in different realms, we can't log to admin console never more; if we have users in one realm, switch AS7 instance to use other "admin" realm, we can't add any from existing user to this new realm; we don't know which user belongs to which realm later etc.) > So conclusion - I think we should remove specification of Realm from input process of add-user.sh script at all and use this script only to define users belongs to ManagementRealm realm and manages only properly mgmt-users.properties files (standalone and domain configuration) -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira

14 years, 3 months

1
0
0 / 0

[JBoss JIRA] (AS7-3470) ChannelService and dependent services should start asynchronously

by Paul Ferraro (JIRA)

Paul Ferraro created AS7-3470: --------------------------------- Summary: ChannelService and dependent services should start asynchronously Key: AS7-3470 URL: https://issues.jboss.org/browse/AS7-3470 Project: Application Server 7 Issue Type: Bug Components: Clustering Affects Versions: 7.1.0.CR1b Reporter: Paul Ferraro Assignee: Paul Ferraro Fix For: 7.1.0.Final Otherwise, the MSC service thread pool can dry up. ChannelService.getValue() should block on availability of started channel. Same async start logic should be applied to dependent services. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira

14 years, 3 months

1
0
0 / 0

[JBoss JIRA] (AS7-3447) IllegalStateException when Query Cache is enabled

by Zbyněk Roubalík (JIRA)

Zbyněk Roubalík created AS7-3447: ------------------------------------ Summary: IllegalStateException when Query Cache is enabled Key: AS7-3447 URL: https://issues.jboss.org/browse/AS7-3447 Project: Application Server 7 Issue Type: Bug Components: JPA / Hibernate Affects Versions: 7.1.0.CR1b Reporter: Zbyněk Roubalík Assignee: Scott Marlow Fix For: 7.1.0.Final I've updated AS7 sources from master branch, then enabled Query cache in [SecondLevelCacheTestCase|https://github.com/jbossas/jboss-as/blob/master/...] (put <property name="hibernate.cache.use_query_cache" value="true"/> in persistence.xml) and then got IllegalStateException. This tests passes but the exception can be found in server.log: ERROR [org.infinispan.interceptors.InvocationContextInterceptor] (pool-4-thread-1) ISPN000136: Execution error: java.lang.IllegalStateException: Transaction TransactionImple < ac, BasicAction: 0:ffff7f000001:cbbd222:4f1f2b9a:8 status: ActionStatus.COMMITTED > is not in a valid state to be invoking cache operations on. server output: http://pastebin.com/xMZEuMp1 When Query cache is disabled, everything is OK. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira

14 years, 3 months

2
4
0 / 0

[JBoss JIRA] (AS7-3466) Inconsistency in --help output between domain and standalone

by Rostislav Svoboda (JIRA)

Rostislav Svoboda created AS7-3466: -------------------------------------- Summary: Inconsistency in --help output between domain and standalone Key: AS7-3466 URL: https://issues.jboss.org/browse/AS7-3466 Project: Application Server 7 Issue Type: Bug Components: Scripts Affects Versions: 7.1.0.CR1b Reporter: Rostislav Svoboda Assignee: Brian Stansberry Fix For: 7.1.0.Final Help for standalone.sh is using logging infrastructure and help for domain.sh is probably using just stdout. - I'd prefer to use domain.sh way without '16:42:57,124 INFO [stdout]' details. Please sync output for both commands. - There is typo in help for standalone.sh, it says '\-\-\-\-server-config=<config>', '\-' should be there just twice. {code} bin/domain.sh --help ... --admin-only JBAS012066: Set the host controller's running type to ADMIN_ONLY causing it to open administrative interfaces and accept management requests but not start servers or, if this host controller is the master for the domain, accept incoming connections from slave host controllers. ... bin/standalone.sh --help ... 16:42:57,124 INFO [stdout] --admin-only Set the server's running type to 16:42:57,124 INFO [stdout] ADMIN_ONLY causing it to open 16:42:57,124 INFO [stdout] administrative interfaces and accept 16:42:57,124 INFO [stdout] management requests but not start other 16:42:57,124 INFO [stdout] runtime services or accept end user 16:42:57,124 INFO [stdout] requests. ... {code} -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira

14 years, 3 months

2
1
0 / 0

[JBoss JIRA] (AS7-2670) Interface constraints not properly handled

by Heiko Braun (Created) (JIRA)

Interface constraints not properly handled ------------------------------------------ Key: AS7-2670 URL: https://issues.jboss.org/browse/AS7-2670 Project: Application Server 7 Issue Type: Bug Components: Domain Management Reporter: Heiko Braun Assignee: Emanuel Muckenhuber Fix For: 7.1.0.CR1 I would think this combination is valid, but it leads to "JBAS014696: any-address is invalid in combination with any-ipv4-address, any-ipv6-address" {noformat} [INFO] "steps" => [ [INFO] { [INFO] "address" => [("interface" => "management")], [INFO] "operation" => "write-attribute", [INFO] "name" => "inet-address", [INFO] "value" => undefined [INFO] }, [INFO] { [INFO] "address" => [("interface" => "management")], [INFO] "operation" => "write-attribute", [INFO] "name" => "any-address", [INFO] "value" => false [INFO] }, [INFO] { [INFO] "address" => [("interface" => "management")], [INFO] "operation" => "write-attribute", [INFO] "name" => "any-ipv6-address", [INFO] "value" => true [INFO] }, [INFO] { [INFO] "address" => [("interface" => "management")], [INFO] "operation" => "write-attribute", [INFO] "name" => "any-ipv4-address", [INFO] "value" => false [INFO] } [INFO] ] [INFO] } {noformat} -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira

14 years, 3 months

3
2
0 / 0

[JBoss JIRA] (AS7-3444) Fix description for read-resource operation

by Rostislav Svoboda (JIRA)

Rostislav Svoboda created AS7-3444: -------------------------------------- Summary: Fix description for read-resource operation Key: AS7-3444 URL: https://issues.jboss.org/browse/AS7-3444 Project: Application Server 7 Issue Type: Bug Components: Domain Management Reporter: Rostislav Svoboda Assignee: Emanuel Muckenhuber Fix For: 7.1.0.Final {code} bin/jboss-admin.sh -c command=":read-operation-description(name="read-resource")" ... "include-runtime" => { "type" => BOOLEAN, "description" => "Whether to include runtime attributes (i.e. those whose value does not come from the persistent configuration) in the response. If absent, false is the default. Ignored if the 'recursive' parameter is set to true; i.e. runtime attributes can only be read in non-recursive queries.", ... {code} Remove 'Ignored if the 'recursive' parameter is set to true; i.e. runtime attributes can only be read in non-recursive queries.' Support for recursive queries with runtime details was added in AS7-2033 -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira

14 years, 3 months

2
1
0 / 0

[JBoss JIRA] (AS7-3467) CLONE - Inconsistency in --help output between domain and standalone

by Rostislav Svoboda (JIRA)

Rostislav Svoboda created AS7-3467: -------------------------------------- Summary: CLONE - Inconsistency in --help output between domain and standalone Key: AS7-3467 URL: https://issues.jboss.org/browse/AS7-3467 Project: Application Server 7 Issue Type: Bug Components: Scripts Affects Versions: 7.1.0.CR1b Reporter: Rostislav Svoboda Assignee: Brian Stansberry Fix For: 7.1.0.Final Help for standalone.sh is using logging infrastructure and help for domain.sh is probably using just stdout. - I'd prefer to use domain.sh way without '16:42:57,124 INFO [stdout]' details. Please sync output for both commands. - There is typo in help for standalone.sh, it says '\-\-\-\-server-config=<config>', '\-' should be there just twice. {code} bin/domain.sh --help ... --admin-only JBAS012066: Set the host controller's running type to ADMIN_ONLY causing it to open administrative interfaces and accept management requests but not start servers or, if this host controller is the master for the domain, accept incoming connections from slave host controllers. ... bin/standalone.sh --help ... 16:42:57,124 INFO [stdout] --admin-only Set the server's running type to 16:42:57,124 INFO [stdout] ADMIN_ONLY causing it to open 16:42:57,124 INFO [stdout] administrative interfaces and accept 16:42:57,124 INFO [stdout] management requests but not start other 16:42:57,124 INFO [stdout] runtime services or accept end user 16:42:57,124 INFO [stdout] requests. ... {code} -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira

14 years, 3 months

1
0
0 / 0

[JBoss JIRA] (JBRULES-3326) drl compilation failed when encountering multiple continuous '!' (a.k.a 'not' operator)s

by Miles Wen (Created) (JIRA)

drl compilation failed when encountering multiple continuous '!' (a.k.a 'not' operator)s ---------------------------------------------------------------------------------------- Key: JBRULES-3326 URL: https://issues.jboss.org/browse/JBRULES-3326 Project: Drools Issue Type: Bug Security Level: Public (Everyone can see) Components: drools-compiler (expert) Affects Versions: 5.3.0.Final Environment: jdk 1.6u27, ubuntu linux 11.04 Reporter: Miles Wen Assignee: Mark Proctor this code: rule "out" when Msg(!!!false) then end compile failed with message: Unable to Analyse Expression !!!false: [Error: unexpected operator '!'] [Near : {... !!!false ....}] ^ [Line: 16, Column: 12] : [Rule name='out'] but Msg(!false) compiles correctly. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira

14 years, 3 months

5
4
0 / 0

[JBoss JIRA] (AS7-3464) add-user.sh - possibility of setting another Realms should be considered again

by Pavel Janousek (JIRA)

[ https://issues.jboss.org/browse/AS7-3464?page=com.atlassian.jira.plugin.s... ] Pavel Janousek moved JBPAPP-8000 to AS7-3464: --------------------------------------------- Project: Application Server 7 (was: JBoss Enterprise Application Platform) Key: AS7-3464 (was: JBPAPP-8000) Workflow: GIT Pull Request workflow (was: jira) Affects Version/s: 7.1.0.CR1b (was: EAP 6.0.0 DR 12) Component/s: Security (was: Security) Security: (was: JBoss Internal) Docs QE Status: (was: NEW) > add-user.sh - possibility of setting another Realms should be considered again > ------------------------------------------------------------------------------ > > Key: AS7-3464 > URL: https://issues.jboss.org/browse/AS7-3464 > Project: Application Server 7 > Issue Type: Bug > Components: Security > Affects Versions: 7.1.0.CR1b > Reporter: Pavel Janousek > Assignee: Anil Saldhana > Priority: Critical > > I'm aware of add-user.sh isn't general tool for managing an user/groups/roles credential store at all. Is it supposed only as shorthand for quick definition of users access to admin console out of the box. Well.. > According previous paragraph it isn't to much meaningful for me to bring possibility of specify another realm during the invocation of this tool. I think already - Admin console can use another realm than ManagementRealm by change default configuration. I think already too - property file can't contain users definition belong multiple realms. As is stated in comment in the begin of file mgmt-users.properties, this file is for "declaration of users for the realm 'ManagementRealm'". > I think we should avoid to insert new user with different realm there (it is possible now). add-user.sh doesn't manage any other file and other property file(s) can't be specified during invocation. > I think this present situation/behavior should confuse hard our end-users - especially users with their own experiences with other JEE servers (Apache Geronimo, Sun/Oracle GlassFish etc.). > Because we don't provide/support any tool for general CRUD managing of credential store of type like property file(s) - like other JEE app. servers do, we really should use this script/tool only as way to simple very basic user creation in default AS7 environment, because we can't support this tool in any other situation with present behavior and in a such changed environments behavior or final state is hardly understandable (if we create property file (by other way) with the same username, but in different realms, we can't log to admin console never more; if we have users in one realm, switch AS7 instance to use other "admin" realm, we can't add any from existing user to this new realm; we don't know which user belongs to which realm later etc.) > So conclusion - I think we should remove specification of Realm from input process of add-user.sh script at all and use this script only to define users belongs to ManagementRealm realm and manages only properly mgmt-users.properties files (standalone and domain configuration) -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira

14 years, 3 months

1
0
0 / 0

[JBoss JIRA] Created: (JBJCA-496) IronJacamar under a security manager

by Jesper Pedersen (JIRA)

IronJacamar under a security manager ------------------------------------ Key: JBJCA-496 URL: https://issues.jboss.org/browse/JBJCA-496 Project: IronJacamar Issue Type: Task Components: Test suite Reporter: Jesper Pedersen Assignee: Peter Skopek We should have a test case which tests deploying a resource adapter to IronJacamar running under a security manager. The rules should be as strict as possible to catch any issues. -- This message is automatically generated by JIRA. - For more information on JIRA, see: http://www.atlassian.com/software/jira

14 years, 3 months

1
1
0 / 0

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira January 2012