[JBoss JIRA] Created: (JBESB-193) Need support for notification generatoin from within ActionProcessor.process method
by Tom Fennelly (JIRA)
Need support for notification generatoin from within ActionProcessor.process method
-----------------------------------------------------------------------------------
Key: JBESB-193
URL: http://jira.jboss.com/jira/browse/JBESB-193
Project: JBoss ESB
Issue Type: Task
Security Level: Public (Everyone can see)
Affects Versions: 4.1
Reporter: Tom Fennelly
Assigned To: Mark Little
Fix For: 4.1
In version 4.0, the Action Processing pipeline management code raises notifications in response to an exception from the ActionProcessor.process method. The pipeline managemnt code calls the getOkNotification (no exception) or getErrorNotification (exception) to get the notification message.
For many reasons, this is a very flawed model. Notifications should be raised from within the process method by means of attaching the notifications (error or otherwise) to the message (the mechanism is a design issue). Once the process method returns, the pipline processing management code can check the message for notifications. If there are errors, it can/should (?) abort the message processing, send the error notification (by whatever notification options are configured on the listener) and signal the failure to the calling process (by whatever failure config is configured on the listener).
The getOk and getErro methods can then be removed.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
2 months, 1 week
[JBoss JIRA] Created: (JGRP-1257) ENCRYPT protocol UnrecoverableKeyException: Given final block not properly padded
by Andres Garcia Garcia (JIRA)
ENCRYPT protocol UnrecoverableKeyException: Given final block not properly padded
---------------------------------------------------------------------------------
Key: JGRP-1257
URL: https://jira.jboss.org/browse/JGRP-1257
Project: JGroups
Issue Type: Bug
Affects Versions: 2.11, 2.8, 2.7
Environment: Windows XP SP3, Java 1.6
Reporter: Andres Garcia Garcia
Assignee: Bela Ban
Recently I updated my jgroups version from 2.4.x to 2.11. Suddenly my applications thrown this exception.
org.jgroups.ChannelException: unable to setup the protocol stack: Given final block not properly padded
at org.jgroups.JChannel.init(JChannel.java:1574)
at org.jgroups.JChannel.<init>(JChannel.java:257)
at org.jgroups.JChannel.<init>(JChannel.java:240)
at org.jgroups.demos.Draw.<init>(Draw.java:52)
at org.jgroups.demos.Draw.main(Draw.java:141)
Caused by: java.security.UnrecoverableKeyException: Given final block not properly padded
at com.sun.crypto.provider.SunJCE_z.a(DashoA13*..)
at com.sun.crypto.provider.JceKeyStore.engineGetKey(DashoA13*..)
at java.security.KeyStore.getKey(Unknown Source)
at org.jgroups.protocols.ENCRYPT.initConfiguredKey(ENCRYPT.java:269)
at org.jgroups.protocols.ENCRYPT.init(ENCRYPT.java:231)
at org.jgroups.stack.ProtocolStack.initProtocolStack(ProtocolStack.java:641)
at org.jgroups.stack.ProtocolStack.setup(ProtocolStack.java:468)
at org.jgroups.JChannel.init(JChannel.java:1570)
... 4 more
The ENCRYPT protocol config is
<ENCRYPT sym_init="448"
sym_algorithm="Blowfish"
encrypt_entire_message="true"
key_store_name="cloudencrypt.keystore"
store_password="password"
alias="test"/>
I tested the same code with different versions. 2.6.15 GA is the last working version, and every version I tested from 2.7 GA to 2.11 GA throw the same exception. I made a little use case with it. Maybe I am missing something?
--
This message is automatically generated by JIRA.
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
2 months, 1 week
[JBoss JIRA] Created: (AS7-782) Hudson/Jenkins won't work in AS7b3
by Fred Bricon (JIRA)
Hudson/Jenkins won't work in AS7b3
----------------------------------
Key: AS7-782
URL: https://issues.jboss.org/browse/AS7-782
Project: Application Server 7
Issue Type: Bug
Affects Versions: 7.0.0.Beta3
Environment: Fedora 14, JDK 1.6.0_24, JBoss AS7 beta 3
Reporter: Fred Bricon
Assignee: Jason Greene
After patching AS7b3 with the latest jboss-vfs from github/master and
deploying hudson ( http://search.maven.org/remotecontent?filepath=org/jvnet/hudson/main/huds...) or jenkins on AS7, an exception is thrown when accessing the homepage (or any page) :
{noformat}
17:39:33,429 ERROR [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost].[/hudson-war-2.0.0].[Stapler]] (http-localhost.localdomain-127.0.0.1-8080-2) "Servlet.service()" pour la servlet Stapler a généré une exception: java.net.MalformedURLException: unknown protocol: jndi
at java.net.URL.<init>(URL.java:574) [:1.6.0_24]
at java.net.URL.<init>(URL.java:464) [:1.6.0_24]
at java.net.URL.<init>(URL.java:413) [:1.6.0_24]
at org.kohsuke.stapler.Stapler.selectResourceByLocale(Stapler.java:227) [stapler-1.155.jar:]
at org.kohsuke.stapler.Stapler.openResourcePathByLocale(Stapler.java:203) [stapler-1.155.jar:]
at org.kohsuke.stapler.Stapler.service(Stapler.java:145) [stapler-1.155.jar:]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:847) [jboss-servlet-api_3.0_spec-1.0.0.Final.jar:1.0.0.Final]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:324) [jbossweb-7.0.0.Beta11.jar:7.0.0.Beta3]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:242) [jbossweb-7.0.0.Beta11.jar:7.0.0.Beta3]
at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:94) [hudson-core-2.0.0.jar:]
at hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:86) [hudson-core-2.0.0.jar:]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:274) [jbossweb-7.0.0.Beta11.jar:7.0.0.Beta3]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:242) [jbossweb-7.0.0.Beta11.jar:7.0.0.Beta3]
at hudson.security.csrf.CrumbFilter.doFilter(CrumbFilter.java:47) [hudson-core-2.0.0.jar:]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:274) [jbossweb-7.0.0.Beta11.jar:7.0.0.Beta3]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:242) [jbossweb-7.0.0.Beta11.jar:7.0.0.Beta3]
at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:162) [hudson-core-2.0.0.jar:]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:274) [jbossweb-7.0.0.Beta11.jar:7.0.0.Beta3]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:242) [jbossweb-7.0.0.Beta11.jar:7.0.0.Beta3]
at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:81) [hudson-core-2.0.0.jar:]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:274) [jbossweb-7.0.0.Beta11.jar:7.0.0.Beta3]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:242) [jbossweb-7.0.0.Beta11.jar:7.0.0.Beta3]
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:275) [jbossweb-7.0.0.Beta11.jar:7.0.0.Beta3]
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:161) [jbossweb-7.0.0.Beta11.jar:7.0.0.Beta3]
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:388) [jbossweb-7.0.0.Beta11.jar:7.0.0.Beta3]
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:154) [jbossweb-7.0.0.Beta11.jar:7.0.0.Beta3]
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) [jbossweb-7.0.0.Beta11.jar:7.0.0.Beta3]
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) [jbossweb-7.0.0.Beta11.jar:7.0.0.Beta3]
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:362) [jbossweb-7.0.0.Beta11.jar:7.0.0.Beta3]
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877) [jbossweb-7.0.0.Beta11.jar:7.0.0.Beta3]
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:658) [jbossweb-7.0.0.Beta11.jar:7.0.0.Beta3]
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:951) [jbossweb-7.0.0.Beta11.jar:7.0.0.Beta3]
at java.lang.Thread.run(Thread.java:662) [:1.6.0_24]
{noformat}
I first mentioned this issur on irc (see http://echelog.matzon.dk/logs/browse/jboss-as7/1305151200 [13:42:43] -> [13:48:58])
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
2 months, 1 week
[JBoss JIRA] Created: (JGRP-457) Optimization: make threads return immediately if NAKACK has another active thread for the same sender
by Bela Ban (JIRA)
Optimization: make threads return immediately if NAKACK has another active thread for the same sender
-----------------------------------------------------------------------------------------------------
Key: JGRP-457
URL: http://jira.jboss.com/jira/browse/JGRP-457
Project: JGroups
Issue Type: Feature Request
Reporter: Bela Ban
Assigned To: Bela Ban
Priority: Minor
Fix For: 2.5
In NAKACK, when a thread places a message for sender S into the NakReceiverWindow NRW, it subsequently acquires a lock on NRW (lock by sender) and removes as many messages as possible and passes them up.
If many threads do this at the same time, all threads but one are blocked, and - when finally unblocked - usually return. This causes context switches and possibly cache flushing, so a better way would be to have the threads check whether another thread is already removing messages using a CAS operation *before* acquiring the lock.
The effect should be that no threads will wait on the lock unnecessarily, and thus fewer context switches, and more threads available to the pool.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
5 months, 2 weeks
[JBoss JIRA] (WFLY-2403) Cannot disable Datasource or XADatasource in standalone and domain modes
by RH Bugzilla Integration (JIRA)
[ https://issues.jboss.org/browse/WFLY-2403?page=com.atlassian.jira.plugin.... ]
RH Bugzilla Integration commented on WFLY-2403:
-----------------------------------------------
Brian Stansberry <brian.stansberry(a)redhat.com> changed the Status of [bug 970679|https://bugzilla.redhat.com/show_bug.cgi?id=970679] from POST to MODIFIED
> Cannot disable Datasource or XADatasource in standalone and domain modes
> ------------------------------------------------------------------------
>
> Key: WFLY-2403
> URL: https://issues.jboss.org/browse/WFLY-2403
> Project: WildFly
> Issue Type: Bug
> Security Level: Public(Everyone can see)
> Reporter: Stefano Maestri
> Assignee: Stefano Maestri
>
> Description of problem:
> Cannot disable a Datasource or XADatasource in standalone mode. It's back to enabled state after server reload.
> Version-Release number of selected component (if applicable):
> 6.1
> How reproducible:
> Always
> Steps to Reproduce:
> Use the http management interface or the CLI
> 1.Create a Datasource of XADatasource
> 2.Disable it
> 3.The response indicates a server reload is required
> 4.Execute the reload operation
> Actual results:
> The datasource is back to enabled state
> Expected results:
> The datasource should be in disabled state
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
12 years, 5 months
[JBoss JIRA] (WFLY-1924) An EJB on a WildFly server can't call another bean on a second server with remoting and SSL
by RH Bugzilla Integration (JIRA)
[ https://issues.jboss.org/browse/WFLY-1924?page=com.atlassian.jira.plugin.... ]
RH Bugzilla Integration commented on WFLY-1924:
-----------------------------------------------
Brian Stansberry <brian.stansberry(a)redhat.com> changed the Status of [bug 1025319|https://bugzilla.redhat.com/show_bug.cgi?id=1025319] from NEW to POST
> An EJB on a WildFly server can't call another bean on a second server with remoting and SSL
> -------------------------------------------------------------------------------------------
>
> Key: WFLY-1924
> URL: https://issues.jboss.org/browse/WFLY-1924
> Project: WildFly
> Issue Type: Bug
> Security Level: Public(Everyone can see)
> Components: EJB, Remoting, Security
> Affects Versions: 8.0.0.Alpha4
> Environment: WildFly 8.0.0.Beta1-SNAPSHOT from Do 22. Aug 2013, 07:48 UTC
> on Linux with Java 1.7.0_25-b15
> Reporter: Bernd Koecke
> Assignee: jaikiran pai
> Fix For: 8.0.0.Beta1
>
>
> I configured two WildFly server, one is the service provider (server), the other one the consumer (client). An EJB on the consumer server tries to call an EJB on the provider server and the remoting connection is secured by SSL. But it doesn't work. I can see the negotiation of the cipher suites and then the communication stops. I get a
> {{javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?}}
> on the provider side. A JavaSE client can call the service provider, but only when SSL_SARTTLS is not set. My current setup is:
> subsystem undertow, default-server:
> {code:xml}
> <https-listener name="defaults" socket-binding="https" security-realm="HttpsRealm"/>
> {code}
> subsystem ejb3:
> {code:xml}
> <remote connector-ref="https-remoting-connector" thread-pool-name="default"/>
> {code}
> Output on the service provider side when the communication stops:
> {noformat}
> [stdout] (default I/O-3) Using SSLEngineImpl.
> [stdout] (default I/O-3) Ignoring unavailable cipher suite: ...
> *** 13 lines more ***
> [stdout] (default I/O-3) Allow unsafe renegotiation: false
> [stdout] (default I/O-3) Allow legacy hello messages: true
> [stdout] (default I/O-3) Is initial handshake: true
> [stdout] (default I/O-3) Is secure renegotiation: false
> [stdout] (default I/O-3) default I/O-3, fatal error: 80: problem unwrapping net record
> [stdout] (default I/O-3) javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
> [stdout] (default I/O-3) default I/O-3, SEND TLSv1 ALERT: fatal, description = internal_error
> [stdout] (default I/O-3) default I/O-3, WRITE: TLSv1 Alert, length = 2
> [stdout] (default I/O-3) default I/O-3, called closeOutbound()
> [stdout] (default I/O-3) default I/O-3, closeOutboundInternal()
> [stdout] (default I/O-3) [Raw write]: length = 7
> [stdout] (default I/O-3) 0000: 15 03 01 00 02 02 50 ......P
> {noformat}
> WildFly consumer config
> subsystem remoting, outbound connections:
> {code:xml}
> <remote-outbound-connection name="provider-one-connection" outbound-socket-binding-ref="provider-ejb" security-realm="ProviderOneRealm" protocol="https-remoting">
> <properties>
> <property name="SASL_POLICY_NOANONYMOUS" value="false"/>
> </properties>
> </remote-outbound-connection>
> {code}
> The realms contain the key- and truststores and all passwords are configured.
> The reason for the communication problem comes from the following code.
> The service consumer (or client) WildFly has a remote-outbound-connection in the remoting subsystem config which results in an {{org.jboss.as.remoting.RemoteOutboundConnectionService}}. There is a {{connect()}} method which contains the lines:
> {code:java}
> OptionMap.Builder builder = OptionMap.builder();
> builder.addAll(this.connectionCreationOptions);
> builder.set(SASL_POLICY_NOANONYMOUS, Boolean.FALSE);
> builder.set(SASL_POLICY_NOPLAINTEXT, Boolean.FALSE);
> builder.set(Options.SASL_DISALLOWED_MECHANISMS, Sequence.of(JBOSS_LOCAL_USER));
> builder.set(Options.SSL_ENABLED, true);
> builder.set(Options.SSL_STARTTLS, true);
> return endpoint.connect(uri, builder.getMap(), callbackHandler, sslContext);
> {code}
> My configuration comes from {{this.connectionOptions}} and is overwritten by the defaults. The service consumer will open the connection with {{SSL_STARTTLS==true}}.
> The service provider (or server) WildFly uses an https-listener from the undertow subsystem. Which generates an {{org.wildfly.extension.undertow.HttpsListenerService}}. Method {{startListening(XnioWorker worker,...)}} has the following code:
> {code:java}
> protected void startListening(XnioWorker worker, InetSocketAddress socketAddress, ChannelListener<AcceptingChannel<StreamConnection>> acceptListener) throws IOException {
> SSLContext sslContext = securityRealm.getValue().getSSLContext();
> Builder builder = OptionMap.builder().addAll(SERVER_OPTIONS);
> builder.set(UndertowOptions.MAX_ENTITY_SIZE, maxUploadSize);
> if (securityRealm.getValue().getSupportedAuthenticationMechanisms().contains(AuthMechanism.CLIENT_CERT)) {
> builder.set(SSL_CLIENT_AUTH_MODE, REQUESTED);
> }
> builder.set(Options.USE_DIRECT_BUFFERS,true);
> OptionMap combined = builder.getMap();
> XnioSsl xnioSsl = new JsseXnioSsl(worker.getXnio(), combined, sslContext);
> sslServer = xnioSsl.createSslConnectionServer(worker, socketAddress, (ChannelListener) acceptListener, combined);
> sslServer.resumeAccepts();
> UndertowLogger.ROOT_LOGGER.listenerStarted("HTTPS", getName(), socketAddress);
> }
> {code}
> The OptionMap {{combined}} is used for the {{JsseXnioSsl}} and I can't see a way how to add my own configuration options. The result is that {{SSL_STARTTLS}} is undefined and in {{JsseXnioSsl}} has a method {{connectSsl}} which calls {{openSslConnection}}. There is an event handler build which calls:
> {code:java}
> new JsseSslStreamConnection(connection, JsseSslUtils.createSSLEngine(sslContext, optionMap, destination), socketBufferPool, applicationBufferPool, optionMap.get(Options.SSL_STARTTLS, false));
> {code}
> This sets the flag {{startTls}} of the constructor to false and the member variable {{tls}} in {{org.xnio.ssl.JsseSslStreamConnection}} to true. And when I understand it right, will then the consumer start unencrypted and will only switch to TLS when it is told todo so. But the service provider expectes, because of {{tls==true}}, an encrypted connection right from the beginning. And this generates the above error message/exception. I can reproduce this by using a JavaSE client to call the service provider. This works well when I don't set {{SSL_STARTTLS}} on the client side. But when I set it to {{true}} I get the same behavior like when the client is another WildFly instance.
> [~ctomc] said that on the consumer side in the {{connect()}} method the {{builder.addAll(...)}} should be moved to the end after setting the defaults. Thats the reason for this issue.
> With this solution I can switch off {{SSL_STARTTLS}} on the consumer(client) side.
> Another additional possibility could be to make the provider (server) side configurable that the hard coded options can be overwritten. But I don't know if this fits in the original design.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
12 years, 5 months
[JBoss JIRA] (WFLY-2427) Launcher API
by Brian Stansberry (JIRA)
Brian Stansberry created WFLY-2427:
--------------------------------------
Summary: Launcher API
Key: WFLY-2427
URL: https://issues.jboss.org/browse/WFLY-2427
Project: WildFly
Issue Type: Feature Request
Security Level: Public (Everyone can see)
Components: Server
Reporter: Brian Stansberry
1) The AS should have some sort of API for launching our processes so tools that want a process have a clear contract instead of having to guess at what's relevant in our ever-changing scripts.
2) We want the main class in our process launch to be what's invoked by java -jar jboss-modules.jar. We don't want java -jar jboss-as-launcher.jar which does some stuff and then calls org.jboss.modules.Main.
3) JBoss Modules itself shouldn't have a lot of the stuff in it that's relevant to an AS launcher API, because many of those things are not relevant to JBoss Modules in a generic sense.
What we could do though is provide a launcher lib that isn't involved at all in our normal boot. Something that would only be used by tools that want to launch a separate, i.e. non-embedded, AS process.
So, some sort of stable configuration API and then a simple
java.lang.Process launch()
Basically, a utility that does the ProcessBuilder stuff that everybody is doing themselves now.
HOWEVER...
Eclipse-based tools like JBDS use Eclipse APIs for launch and would not use the above launch() method.
So, besides that launch method, look into adding some methods to give the necessary inputs to the Eclipse API be useful. So Eclipse-based tools don't ask it for the process but can still get a standard launch configuration.
I'd only want to do that if those methods would return something generally understandable, but a String or List<String> for classpath, List<String>s for vm/program args, some representation that "-jar jboss-modules.jar" is the way to get the main class -- those all seem generic enough.
Any "which VM" stuff is consider out of scope; choosing the VM is the responsibility of the tool. Options that are not universally supported across VMs and are those a function of VM choice, like whether to use -server, are also out of scope.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
12 years, 5 months