April 2012 - jboss-jira - Jboss List Archives

[JBoss JIRA] Created: (AS7-1712) Implement an account lockout mechanism for domain management.

by Darran Lofthouse (JIRA)

Implement an account lockout mechanism for domain management. ------------------------------------------------------------- Key: AS7-1712 URL: https://issues.jboss.org/browse/AS7-1712 Project: Application Server 7 Issue Type: Task Components: Domain Management, Security Reporter: Darran Lofthouse Assignee: Darran Lofthouse Fix For: 7.1.0.Beta1 One issue to consider is that we are using realms to integrate with existing user stores so may not be able to update the remote store: - - Consider an option to update the remote store if possible. - If not cache a backlisted user until an admin unlocks that account -- This message is automatically generated by JIRA. For more information on JIRA, see: http://www.atlassian.com/software/jira

11 years, 6 months

2
4
0 / 0

[JBoss JIRA] Created: (AS7-977) Dynamic Detection of SPNEGO auth method and adding of NegotiationAuthenticator

by Darran Lofthouse (JIRA)

Dynamic Detection of SPNEGO auth method and adding of NegotiationAuthenticator ------------------------------------------------------------------------------ Key: AS7-977 URL: https://issues.jboss.org/browse/AS7-977 Project: Application Server 7 Issue Type: Task Components: Security, Web Reporter: Darran Lofthouse Assignee: Darran Lofthouse Fix For: 7.1.0.Alpha1 Previously a mapping for the SPNEGO auth method and the authenticator had to be manually defined, this capability is not present in AS7 however it is suggested that alternatively we can detect the auth method ourselves and dynamically add the valve - this seems cleaner as it potentially allows SPNEGO to be added/removed from a server without manual configuration being required. It is suggested to look at the following code for an example where a valve has been added dynamically before: - org.jboss.as.jpa.processor.PersistenceUnitDeploymentProcessor in the JPA subsystem. -- This message is automatically generated by JIRA. For more information on JIRA, see: http://www.atlassian.com/software/jira

11 years, 6 months

2
6
0 / 0

[JBoss JIRA] (AS7-4196) Update the pluggable user store SPI to allow for modifications to the store through domain operations

by Darran Lofthouse (JIRA)

Darran Lofthouse created AS7-4196: ------------------------------------- Summary: Update the pluggable user store SPI to allow for modifications to the store through domain operations Key: AS7-4196 URL: https://issues.jboss.org/browse/AS7-4196 Project: Application Server 7 Issue Type: Task Components: Domain Management, Security Reporter: Darran Lofthouse Assignee: Darran Lofthouse Fix For: 7.2.0.Alpha1 This should be something along the lines of 'If the user store implements interface X expose domain management ops to update the store' This would be optional so either read only stores or fully manageable stores can be used with AS7 realms. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira

11 years, 6 months

1
1
0 / 0

[JBoss JIRA] Created: (AS7-777) Switchable Nonce Handling Strategy for HTTP DigestAuthenticator

by Darran Lofthouse (JIRA)

Switchable Nonce Handling Strategy for HTTP DigestAuthenticator --------------------------------------------------------------- Key: AS7-777 URL: https://issues.jboss.org/browse/AS7-777 Project: Application Server 7 Issue Type: Task Reporter: Darran Lofthouse Assignee: Darran Lofthouse Fix For: 7.0.0.CR1 Allow the nonce strategy to be switchable: - 1 - Real 'Number Used Once' - i.e. new nonce for each request. 2 - Nonce per connection i.e. as long as a connection is kept alive allow re-use of nonce - new nonce on new connection. 3 - Timed nonce - Generate a nonce with a server secret and timestamp, nonce will be accepted for a validity period. -- This message is automatically generated by JIRA. For more information on JIRA, see: http://www.atlassian.com/software/jira

11 years, 6 months

3
8
0 / 0

[JBoss JIRA] (AS7-2771) ModelControllerClient operations don't fail on invalud username/password

by Thomas Diesler (Created) (JIRA)

ModelControllerClient operations don't fail on invalud username/password ------------------------------------------------------------------------ Key: AS7-2771 URL: https://issues.jboss.org/browse/AS7-2771 Project: Application Server 7 Issue Type: Bug Components: Domain Management, JSR-88 Reporter: Thomas Diesler Assignee: Darran Lofthouse Priority: Critical Running org.jboss.as.test.smoke.jsr88.EnterpriseDeploymentTestCase Tests run: 7, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 128.98 sec There should be a test failure with this {code} @Test public void testListAvailableModulesUnauthorized() throws Exception { DeploymentManager manager = getDeploymentManager("nobody", "nopass"); Target[] targets = manager.getTargets(); // [TODO] This should fail already TargetModuleID[] availableModules = manager.getAvailableModules(ModuleType.EAR, targets); assertNull(availableModules); ProgressObject progress = jsr88Deploy(manager, getEarArchive()); TargetModuleID[] targetModules = progress.getResultTargetModuleIDs(); try { availableModules = manager.getAvailableModules(ModuleType.EAR, targets); assertNotNull(availableModules); assertEquals(1, availableModules.length); TargetModuleID targetModuleID = availableModules[0]; String moduleID = targetModuleID.getModuleID(); assertTrue("Ends with deployment-app.ear", moduleID.endsWith("deployment-app.ear")); // [TODO] verify child modules } finally { jsr88Undeploy(manager, targetModules); } } {code} -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira

11 years, 6 months

7
7
0 / 0

[JBoss JIRA] Created: (AS7-1372) Domain Management - Enable silent authentication using Kerberos

by Darran Lofthouse (JIRA)

Domain Management - Enable silent authentication using Kerberos --------------------------------------------------------------- Key: AS7-1372 URL: https://issues.jboss.org/browse/AS7-1372 Project: Application Server 7 Issue Type: Task Components: Domain Management, Security Reporter: Darran Lofthouse Assignee: Darran Lofthouse Fix For: 7.1.0.Beta1 It should be possible for users to authenticate for domain management using Kerberos. Over the HTTP interface this will be SPNEGO, for the Native connection we use SASL so can use GSSAPI -- This message is automatically generated by JIRA. For more information on JIRA, see: http://www.atlassian.com/software/jira

11 years, 6 months

2
5
0 / 0

[JBoss JIRA] (AS7-2488) Make realms fully manageable through domain.

by Darran Lofthouse (Created) (JIRA)

Make realms fully manageable through domain. -------------------------------------------- Key: AS7-2488 URL: https://issues.jboss.org/browse/AS7-2488 Project: Application Server 7 Issue Type: Feature Request Components: Domain Management, Security Reporter: Darran Lofthouse Assignee: Darran Lofthouse Fix For: 7.2.0.Alpha1 For the management interfaces we are making use of realms backed by CallbackHandlers for the authenticators / mechanisms. This Jira is to look at making the contents of these realms manageable where possible e.g. : - - Definition of users - Modifications to users / password resets - Role memberships -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira

11 years, 6 months

2
1
0 / 0

[JBoss JIRA] Created: (AS7-1386) Add GSSAPI support to CLI

by Darran Lofthouse (JIRA)

Add GSSAPI support to CLI ------------------------- Key: AS7-1386 URL: https://issues.jboss.org/browse/AS7-1386 Project: Application Server 7 Issue Type: Task Components: CLI, Domain Management Reporter: Darran Lofthouse Assignee: Darran Lofthouse Fix For: 7.1.0.Beta1 Once the Native interface supports GSSAPI then the CLI will also need to support this. -- This message is automatically generated by JIRA. For more information on JIRA, see: http://www.atlassian.com/software/jira

11 years, 6 months

2
5
0 / 0

[JBoss JIRA] (AS7-4084) Implement JMX-style management access to Infinispan components

by Richard Achmatowicz (JIRA)

Richard Achmatowicz created AS7-4084: ---------------------------------------- Summary: Implement JMX-style management access to Infinispan components Key: AS7-4084 URL: https://issues.jboss.org/browse/AS7-4084 Project: Application Server 7 Issue Type: Feature Request Components: Clustering Affects Versions: 7.1.0.Final Reporter: Richard Achmatowicz Assignee: Richard Achmatowicz Fix For: 7.1.2.Final Provide MBean style access to the underlying components of JGroups. We should provide at least the access which was formerly provided by JMX. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira

11 years, 6 months

2
8
0 / 0

[JBoss JIRA] Created: (AS7-1313) <distributable> web applications fail to deploy with the default configuration

by Stuart Douglas (JIRA)

<distributable> web applications fail to deploy with the default configuration ------------------------------------------------------------------------------ Key: AS7-1313 URL: https://issues.jboss.org/browse/AS7-1313 Project: Application Server 7 Issue Type: Bug Components: Web Affects Versions: 7.0.0.Final Reporter: Stuart Douglas Assignee: Remy Maucherat <distributable> web applications fail with the following: "Services with missing/unavailable dependencies" => ["jboss.web.\"magnolia-bundled-webapp-4.4.4.war\" missing [ jboss.infinispan.web.___defaultcache ]"]}}} At the very least the user should get a better error message explaining why their deployment failed. -- This message is automatically generated by JIRA. For more information on JIRA, see: http://www.atlassian.com/software/jira

11 years, 6 months

12
15
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira April 2012