October 2012 - jboss-jira - Jboss List Archives

[JBoss JIRA] (AS7-5817) Update to 1003px grid system

by Heiko Braun (JIRA)

Heiko Braun created AS7-5817: -------------------------------- Summary: Update to 1003px grid system Key: AS7-5817 URL: https://issues.jboss.org/browse/AS7-5817 Project: Application Server 7 Issue Type: Feature Request Components: Console Reporter: Heiko Braun Assignee: Heiko Braun Fix For: 7.2.0.CR1 Modern times... -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

11 years, 7 months

1
1
0 / 0

[JBoss JIRA] (AS7-4692) Review SecurityContext associations

by Darran Lofthouse (JIRA)

Darran Lofthouse created AS7-4692: ------------------------------------- Summary: Review SecurityContext associations Key: AS7-4692 URL: https://issues.jboss.org/browse/AS7-4692 Project: Application Server 7 Issue Type: Task Components: Security Reporter: Darran Lofthouse Assignee: Darran Lofthouse Fix For: 7.2.0.Alpha1 We should re-review the approach we take for security context association within AS7 containers. Back at the time of AS 3 it fairly reliable to assume a 1:1 mapping of thread and client with the incoming connection being allocated it's own thread, this is no longer automatically the case and different containers can use different threading models e.g. using Executors to handle asynchronous requests. The problem with using a ThreadLocal approach is that every time a container diverges from the 1:1 mapping of thread and client that container needs to work around the issue of an invalid SecurityContext association. One possibility is to pass responsibility for managing the context to the container although this then introduces the question of how it is passed from container to container. This issue needs to consider this further. Also need to review further how the security context can be created at all entry points to the server and how it can be manually switched now that we use SASL on entry for remote calls we do now have the opportunity for equivalent behaviour at the entry point for both web and ejb type calls - in the past we only had this opportunity for web based calls and would only create a security context on entering the interceptors for the EJB calls. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira

11 years, 7 months

1
1
0 / 0

[JBoss JIRA] (AS7-4693) Revisit authenticated user / authorized user split

by Darran Lofthouse (JIRA)

Darran Lofthouse created AS7-4693: ------------------------------------- Summary: Revisit authenticated user / authorized user split Key: AS7-4693 URL: https://issues.jboss.org/browse/AS7-4693 Project: Application Server 7 Issue Type: Task Components: Remoting, Security Reporter: Darran Lofthouse Assignee: Darran Lofthouse Fix For: 7.2.0.Alpha1 When establishing a connection a remote user can specify the user they want to be authorized as which can be different to the user they authenticate as, e.g. a user with appropriate permissions may want to connect as an administrator or a user given access to someone elses account may want to connect as them. We need to re-visit this including validation that they can connect as the user they are asking to. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira

11 years, 7 months

1
1
0 / 0

[JBoss JIRA] (AS7-4665) Re visit authentication tokens

by Darran Lofthouse (JIRA)

Darran Lofthouse created AS7-4665: ------------------------------------- Summary: Re visit authentication tokens Key: AS7-4665 URL: https://issues.jboss.org/browse/AS7-4665 Project: Application Server 7 Issue Type: Task Components: Domain Management Reporter: Darran Lofthouse Assignee: Darran Lofthouse Fix For: 7.1.2.Final-redhat1 We had previously considered authentication tokens for the realm secured interfaces, this issue is just to track re-considering them again. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira

11 years, 7 months

2
3
0 / 0

[JBoss JIRA] (AS7-5047) Allow more control over authentication for server to server communication through remote-outbound-connection

by jaikiran pai (JIRA)

jaikiran pai created AS7-5047: --------------------------------- Summary: Allow more control over authentication for server to server communication through remote-outbound-connection Key: AS7-5047 URL: https://issues.jboss.org/browse/AS7-5047 Project: Application Server 7 Issue Type: Feature Request Components: Security Affects Versions: 7.1.2.Final (EAP), 7.1.1.Final Reporter: jaikiran pai Assignee: Anil Saldhana Right now for server to server communication via a remote-outbound-connection, we expect a static username to be specified (along with the security realm). User applications which use this remote-outbound-connection, for example an EJB application, do not have much control over the user/pass information, since the username is static. This further acts a drawback since the username that's used to connect to the remote server will be used as the (application) user who invoked the EJB. It would be good to allow more control over the authentication for the remote-outbound-connection. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira

11 years, 7 months

5
9
0 / 0

[JBoss JIRA] Created: (JBRULES-3155) Bug with default properties in KnowledgeStoreServiceImpl

by Pavel Sknar (JIRA)

Bug with default properties in KnowledgeStoreServiceImpl -------------------------------------------------------- Key: JBRULES-3155 URL: https://issues.jboss.org/browse/JBRULES-3155 Project: Drools Issue Type: Bug Security Level: Public (Everyone can see) Components: drools-core Affects Versions: 5.2.0.Final Reporter: Pavel Sknar Assignee: Mark Proctor Priority: Critical Method setDefaultImplementations() set default properties in configProps (class KnowledgeStoreServiceImpl). mergeConfig() execute after specific properties loaded to configuration. This overlaps specific properties. [17:08] <pavlz> hi [17:09] <pavlz> I have bug for you [17:09] <Rikkola> :( [17:10] <pavlz> Problem with KnowledgeStoreServiceImpl [17:10] <pavlz> in org.drools.persistence.jpa [17:12] <pavlz> default properties merged first in config (in ChainedProperties: this.props.add( 0, properties )) [17:14] <pavlz> and this overlaps specific properties [17:15] <pavlz> drools.commandService, drools.timerService and else [17:15] <pavlz> I have this bug in 5.2.0.Final [17:23] <conan> pavlz: do you have a fix? [17:25] <pavlz> No, I see this now [17:27] <pavlz> but I think: need to create in ChainedProperties new method "setDefaultProperties" [17:29] <pavlz> and in SessionConfiguration too, to use this method in KnowledgeStoreServiceImpl.mergeConfig() [17:30] <pavlz> then default properties loaded later [17:31] <Rikkola> pavlz: best to make a jira about it [17:31] <Rikkola> https://issues.jboss.org/browse/JBRULES [17:31] <pavlz> ok -- This message is automatically generated by JIRA. For more information on JIRA, see: http://www.atlassian.com/software/jira

11 years, 7 months

5
19
0 / 0

[JBoss JIRA] Created: (AS7-1038) Add http to https redirect capability to http-interface

by Darran Lofthouse (JIRA)

Add http to https redirect capability to http-interface ------------------------------------------------------- Key: AS7-1038 URL: https://issues.jboss.org/browse/AS7-1038 Project: Application Server 7 Issue Type: Task Components: Domain Management Reporter: Darran Lofthouse Assignee: Darran Lofthouse Fix For: 7.0.0.CR1 -- This message is automatically generated by JIRA. For more information on JIRA, see: http://www.atlassian.com/software/jira

11 years, 7 months

4
9
0 / 0

[JBoss JIRA] (AS7-4195) Pass through Digest authentication against LDAP

by Darran Lofthouse (JIRA)

Darran Lofthouse created AS7-4195: ------------------------------------- Summary: Pass through Digest authentication against LDAP Key: AS7-4195 URL: https://issues.jboss.org/browse/AS7-4195 Project: Application Server 7 Issue Type: Task Components: Domain Management, Security Reporter: Darran Lofthouse Assignee: Darran Lofthouse Fix For: 7.2.0.Alpha1 It is possible for a client to authenticate against an LDAP server using Digest authentication. This task is to make use of this with both our SASL mechanism and HTTP authenticator to provide a pass through check. We need AS7-3691 first and then this needs to be implemented in a way that can consistently be used for both SASL and HTTP Digest. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira

11 years, 7 months

2
2
0 / 0

[JBoss JIRA] (AS7-3691) A Negotiated HTTP Authenticator

by Darran Lofthouse (JIRA)

Darran Lofthouse created AS7-3691: ------------------------------------- Summary: A Negotiated HTTP Authenticator Key: AS7-3691 URL: https://issues.jboss.org/browse/AS7-3691 Project: Application Server 7 Issue Type: Task Components: Domain Management, Security, Web Reporter: Darran Lofthouse Assignee: Darran Lofthouse Historically we have become constrained by an assumption that there should be a single authentication mechanism assigned to a web application. The HTTP specification however allows for multiple mechanisms to be used in parallel - this task is to investigate the feasibility of writing a single authenticator that is compatible with both JBoss Web and the Sun HTTP server used within AS7 to support a negotiated authentication using a single authenticator backed by a CallbackHandler based realm. The most common example is fallback from SPNEGO to a username / password based mechanism but for domain management we have also a case of trying to use CLIENT-CERT authentication first and then fallback if that is not possible. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira

11 years, 7 months

1
5
0 / 0

[JBoss JIRA] (AS7-4224) Please add a more intuitive way to configure access logging

by Alex Holmansky (JIRA)

Alex Holmansky created AS7-4224: ----------------------------------- Summary: Please add a more intuitive way to configure access logging Key: AS7-4224 URL: https://issues.jboss.org/browse/AS7-4224 Project: Application Server 7 Issue Type: Enhancement Components: CLI, Console Affects Versions: 7.1.0.Final Environment: Windows 7, CentOS 6 Reporter: Alex Holmansky Assignee: Alexey Loubyansky Priority: Minor There's currently no intuitive way to configure access logging in the web subsystem. In the CLI I can get to what seems like the right area: [standalone@localhost:9999 /] cd /subsystem=web/virtual-server=default-host [standalone@localhost:9999 virtual-server=default-host] ls access-log rewrite sso alias=["localhost","example.com"] default-web-module=ROOT.war enable-welcome-root=true and even [standalone@localhost:9999 virtual-server=default-host] cd access-log [standalone@localhost:9999 access-log] pwd /subsystem=web/virtual-server=default-host/access-log but it's absolutely unclear what to do next. In the web Admin Console this should be under Web->Servlet/HTTP->Virtual Servers, but is missing. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira

11 years, 7 months

5
10
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira October 2012