November 2013 - jboss-jira - Jboss List Archives

[JBoss JIRA] (WFLY-2585) Correct the identification of the current caller when a security manager is enabled.

by RH Bugzilla Integration (JIRA)

[ https://issues.jboss.org/browse/WFLY-2585?page=com.atlassian.jira.plugin.... ] RH Bugzilla Integration updated WFLY-2585: ------------------------------------------ Bugzilla References: https://bugzilla.redhat.com/show_bug.cgi?id=1034700, https://bugzilla.redhat.com/show_bug.cgi?id=1035231, https://bugzilla.redhat.com/show_bug.cgi?id=1035232 (was: https://bugzilla.redhat.com/show_bug.cgi?id=1034700, https://bugzilla.redhat.com/show_bug.cgi?id=1035231) > Correct the identification of the current caller when a security manager is enabled. > ------------------------------------------------------------------------------------ > > Key: WFLY-2585 > URL: https://issues.jboss.org/browse/WFLY-2585 > Project: WildFly > Issue Type: Bug > Security Level: Public(Everyone can see) > Components: Domain Management > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Priority: Critical > Fix For: 8.0.0.CR1 > > -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

10 years, 6 months

1
0
0 / 0

[JBoss JIRA] (WFLY-1477) JACC HttpServletRequestPolicyContextHandler removal on single application undeploy impacting all other deployed applications

by Remy Maucherat (JIRA)

[ https://issues.jboss.org/browse/WFLY-1477?page=com.atlassian.jira.plugin.... ] Remy Maucherat commented on WFLY-1477: -------------------------------------- Well, the bug is assigned to JBoss Web, not Undertow, and was real (it got fixed in the web subsystem). So if something is wrong about undertow in Wildfly, it is a different issue. > JACC HttpServletRequestPolicyContextHandler removal on single application undeploy impacting all other deployed applications > ---------------------------------------------------------------------------------------------------------------------------- > > Key: WFLY-1477 > URL: https://issues.jboss.org/browse/WFLY-1477 > Project: WildFly > Issue Type: Bug > Security Level: Public(Everyone can see) > Components: Web (JBoss Web) > Affects Versions: 8.0.0.Alpha1 > Environment: CentOS 6.x, JBoss AS 7.1.1.Final > Reporter: Steve S > Assignee: Remy Maucherat > Labels: domain, jaas, jboss, jbossweb, login, module, security > > Please see the following forum post for a detailed explanation and findings(and potential workaround): > https://community.jboss.org/message/822054#822054 > If multiple WARs are deployed that depend on a login module leveraging: > HttpServletRequest request = (HttpServletRequest)PolicyContext.getContext("javax.servlet.http.HttpServletRequest"); > then upon undeploy of any web application in the container the HttpServletRequestPolicyContextHandler is removed(deregistered) in the stop() lifecycle method of the JBossWebRealmService, resulting in: > 13:03:35,335 ERROR [org.jboss.security.authentication.JBossCachedAuthenticationManager] (ajp--0.0.0.0-8009-1) Login failure: javax.security.auth.login.LoginException: java.lang.IllegalArgumentException: No PolicyContextHandler for key=javax.servlet.http.HttpServletRequest at javax.security.jacc.PolicyContext.getContext(PolicyContext.java:117) > for any webapps still deployed for every subsequent access to them. > Simply redeploying any ONE of the remaining webapps or the previously undeployed webapp causes this problem to go away for all deployed applications. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

10 years, 6 months

1
0
0 / 0

[JBoss JIRA] (WFLY-2585) Correct the identification of the current caller when a security manager is enabled.

by RH Bugzilla Integration (JIRA)

[ https://issues.jboss.org/browse/WFLY-2585?page=com.atlassian.jira.plugin.... ] RH Bugzilla Integration updated WFLY-2585: ------------------------------------------ Bugzilla Update: Perform Bugzilla References: https://bugzilla.redhat.com/show_bug.cgi?id=1034700 > Correct the identification of the current caller when a security manager is enabled. > ------------------------------------------------------------------------------------ > > Key: WFLY-2585 > URL: https://issues.jboss.org/browse/WFLY-2585 > Project: WildFly > Issue Type: Bug > Security Level: Public(Everyone can see) > Components: Domain Management > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Priority: Critical > Fix For: 8.0.0.CR1 > > -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

10 years, 6 months

1
0
0 / 0

[JBoss JIRA] (WFLY-2585) Correct the identification of the current caller when a security manager is enabled.

by Darran Lofthouse (JIRA)

Darran Lofthouse created WFLY-2585: -------------------------------------- Summary: Correct the identification of the current caller when a security manager is enabled. Key: WFLY-2585 URL: https://issues.jboss.org/browse/WFLY-2585 Project: WildFly Issue Type: Bug Security Level: Public (Everyone can see) Components: Domain Management Reporter: Darran Lofthouse Assignee: Darran Lofthouse Priority: Critical Fix For: 8.0.0.CR1 -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

10 years, 6 months

1
0
0 / 0

[JBoss JIRA] (WFLY-2584) RBAC: Silent failure of run-as role mapping

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/WFLY-2584?page=com.atlassian.jira.plugin.... ] Darran Lofthouse commented on WFLY-2584: ---------------------------------------- I see no reason not to fail, the client only has the ability to request a reduced set of roles - if one of the roles they are requesting does not exist they should be informed. Not reporting an error would only lead to confusion I think overall. > RBAC: Silent failure of run-as role mapping > ------------------------------------------- > > Key: WFLY-2584 > URL: https://issues.jboss.org/browse/WFLY-2584 > Project: WildFly > Issue Type: Bug > Security Level: Public(Everyone can see) > Components: Domain Management > Affects Versions: 8.0.0.Beta1 > Reporter: Brian Stansberry > Assignee: Darran Lofthouse > Fix For: 8.0.0.CR1 > > > RunAsRoleMapper.mapRoles(Caller caller, Set<String> currentRoles, Set<String> runAsRoles, boolean sanitized) ignores false results from realRoleMapper.canRunAs(currentRoles, requestedRole) and just leaves the user running in their regular roles. Some sort of failure condition seems more appropriate. > I noticed this when I was investigating WFLY-2318 caused by WFLY-2583. The improperly parsed role list was resulting in realRoleMapper.canRunAs(currentRoles, requestedRole) returning false so the call would just execute as SuperUser. > Same thing would happen with a simple typo like {roles=Mnitor}. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

10 years, 6 months

1
0
0 / 0

[JBoss JIRA] (WFLY-1994) JPA module throws NPE when binding unavailable persistence unit

by Scott Marlow (JIRA)

[ https://issues.jboss.org/browse/WFLY-1994?page=com.atlassian.jira.plugin.... ] Scott Marlow updated WFLY-1994: ------------------------------- Fix Version/s: 8.0.0.CR1 > JPA module throws NPE when binding unavailable persistence unit > --------------------------------------------------------------- > > Key: WFLY-1994 > URL: https://issues.jboss.org/browse/WFLY-1994 > Project: WildFly > Issue Type: Bug > Security Level: Public(Everyone can see) > Components: JPA / Hibernate > Affects Versions: 8.0.0.Alpha4 > Environment: Fedora 19, Wildfly a0c7edb142b75d92276fb9fa9c0033ea1d583934 or AS7.2.0 > Reporter: Brent Douglas > Assignee: Scott Marlow > Fix For: 8.0.0.CR1 > > > When binding an unavailable PU to JNDI an NPE is thrown rather than a message explaining the problem. > {noformat} > 13:33:55,185 ERROR [org.jboss.msc.service.fail] (MSC service thread 1-4) MSC000001: Failed to start service jboss.deployment.unit."fails.ear".POST_MODULE: org.jboss.msc.service.StartException in service jboss.deployment.unit."fails.ear".POST_MODULE: JBAS018733: Failed to process phase POST_MODULE of deployment "fails.ear" > at org.jboss.as.server.deployment.DeploymentUnitPhaseService.start(DeploymentUnitPhaseService.java:166) [wildfly-server-8.0.0.Beta1-SNAPSHOT.jar:8.0.0.Beta1-SNAPSHOT] > at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1944) [jboss-msc-1.2.0.Beta2.jar:1.2.0.Beta2] > at org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1877) [jboss-msc-1.2.0.Beta2.jar:1.2.0.Beta2] > at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) [rt.jar:1.7.0_25] > at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) [rt.jar:1.7.0_25] > at java.lang.Thread.run(Thread.java:724) [rt.jar:1.7.0_25] > Caused by: java.lang.NullPointerException > at org.jboss.as.jpa.processor.PersistenceRefProcessor.getPersistenceUnitBindingSource(PersistenceRefProcessor.java:211) > at org.jboss.as.jpa.processor.PersistenceRefProcessor.getPersistenceUnitRefs(PersistenceRefProcessor.java:127) > at org.jboss.as.jpa.processor.PersistenceRefProcessor.processDescriptorEntries(PersistenceRefProcessor.java:78) > at org.jboss.as.ee.component.deployers.AbstractDeploymentDescriptorBindingsProcessor.deploy(AbstractDeploymentDescriptorBindingsProcessor.java:95) > at org.jboss.as.server.deployment.DeploymentUnitPhaseService.start(DeploymentUnitPhaseService.java:159) [wildfly-server-8.0.0.Beta1-SNAPSHOT.jar:8.0.0.Beta1-SNAPSHOT] > ... 5 more > {noformat} -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

10 years, 6 months

1
0
0 / 0

[JBoss JIRA] (WFLY-1994) JPA module throws NPE when binding unavailable persistence unit

by Scott Marlow (JIRA)

[ https://issues.jboss.org/browse/WFLY-1994?page=com.atlassian.jira.plugin.... ] Scott Marlow closed WFLY-1994. ------------------------------ > JPA module throws NPE when binding unavailable persistence unit > --------------------------------------------------------------- > > Key: WFLY-1994 > URL: https://issues.jboss.org/browse/WFLY-1994 > Project: WildFly > Issue Type: Bug > Security Level: Public(Everyone can see) > Components: JPA / Hibernate > Affects Versions: 8.0.0.Alpha4 > Environment: Fedora 19, Wildfly a0c7edb142b75d92276fb9fa9c0033ea1d583934 or AS7.2.0 > Reporter: Brent Douglas > Assignee: Scott Marlow > Fix For: 8.0.0.CR1 > > > When binding an unavailable PU to JNDI an NPE is thrown rather than a message explaining the problem. > {noformat} > 13:33:55,185 ERROR [org.jboss.msc.service.fail] (MSC service thread 1-4) MSC000001: Failed to start service jboss.deployment.unit."fails.ear".POST_MODULE: org.jboss.msc.service.StartException in service jboss.deployment.unit."fails.ear".POST_MODULE: JBAS018733: Failed to process phase POST_MODULE of deployment "fails.ear" > at org.jboss.as.server.deployment.DeploymentUnitPhaseService.start(DeploymentUnitPhaseService.java:166) [wildfly-server-8.0.0.Beta1-SNAPSHOT.jar:8.0.0.Beta1-SNAPSHOT] > at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1944) [jboss-msc-1.2.0.Beta2.jar:1.2.0.Beta2] > at org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1877) [jboss-msc-1.2.0.Beta2.jar:1.2.0.Beta2] > at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) [rt.jar:1.7.0_25] > at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) [rt.jar:1.7.0_25] > at java.lang.Thread.run(Thread.java:724) [rt.jar:1.7.0_25] > Caused by: java.lang.NullPointerException > at org.jboss.as.jpa.processor.PersistenceRefProcessor.getPersistenceUnitBindingSource(PersistenceRefProcessor.java:211) > at org.jboss.as.jpa.processor.PersistenceRefProcessor.getPersistenceUnitRefs(PersistenceRefProcessor.java:127) > at org.jboss.as.jpa.processor.PersistenceRefProcessor.processDescriptorEntries(PersistenceRefProcessor.java:78) > at org.jboss.as.ee.component.deployers.AbstractDeploymentDescriptorBindingsProcessor.deploy(AbstractDeploymentDescriptorBindingsProcessor.java:95) > at org.jboss.as.server.deployment.DeploymentUnitPhaseService.start(DeploymentUnitPhaseService.java:159) [wildfly-server-8.0.0.Beta1-SNAPSHOT.jar:8.0.0.Beta1-SNAPSHOT] > ... 5 more > {noformat} -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

10 years, 6 months

1
0
0 / 0

[JBoss JIRA] (WFLY-1994) JPA module throws NPE when binding unavailable persistence unit

by Scott Marlow (JIRA)

[ https://issues.jboss.org/browse/WFLY-1994?page=com.atlassian.jira.plugin.... ] Scott Marlow commented on WFLY-1994: ------------------------------------ Thanks for the fix Andrei Tretyakov! > JPA module throws NPE when binding unavailable persistence unit > --------------------------------------------------------------- > > Key: WFLY-1994 > URL: https://issues.jboss.org/browse/WFLY-1994 > Project: WildFly > Issue Type: Bug > Security Level: Public(Everyone can see) > Components: JPA / Hibernate > Affects Versions: 8.0.0.Alpha4 > Environment: Fedora 19, Wildfly a0c7edb142b75d92276fb9fa9c0033ea1d583934 or AS7.2.0 > Reporter: Brent Douglas > Assignee: Scott Marlow > > When binding an unavailable PU to JNDI an NPE is thrown rather than a message explaining the problem. > {noformat} > 13:33:55,185 ERROR [org.jboss.msc.service.fail] (MSC service thread 1-4) MSC000001: Failed to start service jboss.deployment.unit."fails.ear".POST_MODULE: org.jboss.msc.service.StartException in service jboss.deployment.unit."fails.ear".POST_MODULE: JBAS018733: Failed to process phase POST_MODULE of deployment "fails.ear" > at org.jboss.as.server.deployment.DeploymentUnitPhaseService.start(DeploymentUnitPhaseService.java:166) [wildfly-server-8.0.0.Beta1-SNAPSHOT.jar:8.0.0.Beta1-SNAPSHOT] > at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1944) [jboss-msc-1.2.0.Beta2.jar:1.2.0.Beta2] > at org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1877) [jboss-msc-1.2.0.Beta2.jar:1.2.0.Beta2] > at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) [rt.jar:1.7.0_25] > at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) [rt.jar:1.7.0_25] > at java.lang.Thread.run(Thread.java:724) [rt.jar:1.7.0_25] > Caused by: java.lang.NullPointerException > at org.jboss.as.jpa.processor.PersistenceRefProcessor.getPersistenceUnitBindingSource(PersistenceRefProcessor.java:211) > at org.jboss.as.jpa.processor.PersistenceRefProcessor.getPersistenceUnitRefs(PersistenceRefProcessor.java:127) > at org.jboss.as.jpa.processor.PersistenceRefProcessor.processDescriptorEntries(PersistenceRefProcessor.java:78) > at org.jboss.as.ee.component.deployers.AbstractDeploymentDescriptorBindingsProcessor.deploy(AbstractDeploymentDescriptorBindingsProcessor.java:95) > at org.jboss.as.server.deployment.DeploymentUnitPhaseService.start(DeploymentUnitPhaseService.java:159) [wildfly-server-8.0.0.Beta1-SNAPSHOT.jar:8.0.0.Beta1-SNAPSHOT] > ... 5 more > {noformat} -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

10 years, 6 months

1
0
0 / 0

[JBoss JIRA] (WFLY-1477) JACC HttpServletRequestPolicyContextHandler removal on single application undeploy impacting all other deployed applications

by Frank Cornelis (JIRA)

[ https://issues.jboss.org/browse/WFLY-1477?page=com.atlassian.jira.plugin.... ] Frank Cornelis commented on WFLY-1477: -------------------------------------- What do you mean by "using web with WildFly"? I use the default Undertow. From a servlet I end up in some EJB3 session bean. There I do: HttpServletRequest request = (HttpServletRequest)PolicyContext.getContext("javax.servlet.http.HttpServletRequest"); and then it explodes. This should not happen. I should be able to get the HttpServletRequest. > JACC HttpServletRequestPolicyContextHandler removal on single application undeploy impacting all other deployed applications > ---------------------------------------------------------------------------------------------------------------------------- > > Key: WFLY-1477 > URL: https://issues.jboss.org/browse/WFLY-1477 > Project: WildFly > Issue Type: Bug > Security Level: Public(Everyone can see) > Components: Web (JBoss Web) > Affects Versions: 8.0.0.Alpha1 > Environment: CentOS 6.x, JBoss AS 7.1.1.Final > Reporter: Steve S > Assignee: Remy Maucherat > Labels: domain, jaas, jboss, jbossweb, login, module, security > > Please see the following forum post for a detailed explanation and findings(and potential workaround): > https://community.jboss.org/message/822054#822054 > If multiple WARs are deployed that depend on a login module leveraging: > HttpServletRequest request = (HttpServletRequest)PolicyContext.getContext("javax.servlet.http.HttpServletRequest"); > then upon undeploy of any web application in the container the HttpServletRequestPolicyContextHandler is removed(deregistered) in the stop() lifecycle method of the JBossWebRealmService, resulting in: > 13:03:35,335 ERROR [org.jboss.security.authentication.JBossCachedAuthenticationManager] (ajp--0.0.0.0-8009-1) Login failure: javax.security.auth.login.LoginException: java.lang.IllegalArgumentException: No PolicyContextHandler for key=javax.servlet.http.HttpServletRequest at javax.security.jacc.PolicyContext.getContext(PolicyContext.java:117) > for any webapps still deployed for every subsequent access to them. > Simply redeploying any ONE of the remaining webapps or the previously undeployed webapp causes this problem to go away for all deployed applications. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

10 years, 6 months

1
0
0 / 0

[JBoss JIRA] (WFLY-1477) JACC HttpServletRequestPolicyContextHandler removal on single application undeploy impacting all other deployed applications

by Remy Maucherat (JIRA)

[ https://issues.jboss.org/browse/WFLY-1477?page=com.atlassian.jira.plugin.... ] Remy Maucherat commented on WFLY-1477: -------------------------------------- You mean you're still using web with Wildfly ? That would not be supported anymore. > JACC HttpServletRequestPolicyContextHandler removal on single application undeploy impacting all other deployed applications > ---------------------------------------------------------------------------------------------------------------------------- > > Key: WFLY-1477 > URL: https://issues.jboss.org/browse/WFLY-1477 > Project: WildFly > Issue Type: Bug > Security Level: Public(Everyone can see) > Components: Web (JBoss Web) > Affects Versions: 8.0.0.Alpha1 > Environment: CentOS 6.x, JBoss AS 7.1.1.Final > Reporter: Steve S > Assignee: Remy Maucherat > Labels: domain, jaas, jboss, jbossweb, login, module, security > > Please see the following forum post for a detailed explanation and findings(and potential workaround): > https://community.jboss.org/message/822054#822054 > If multiple WARs are deployed that depend on a login module leveraging: > HttpServletRequest request = (HttpServletRequest)PolicyContext.getContext("javax.servlet.http.HttpServletRequest"); > then upon undeploy of any web application in the container the HttpServletRequestPolicyContextHandler is removed(deregistered) in the stop() lifecycle method of the JBossWebRealmService, resulting in: > 13:03:35,335 ERROR [org.jboss.security.authentication.JBossCachedAuthenticationManager] (ajp--0.0.0.0-8009-1) Login failure: javax.security.auth.login.LoginException: java.lang.IllegalArgumentException: No PolicyContextHandler for key=javax.servlet.http.HttpServletRequest at javax.security.jacc.PolicyContext.getContext(PolicyContext.java:117) > for any webapps still deployed for every subsequent access to them. > Simply redeploying any ONE of the remaining webapps or the previously undeployed webapp causes this problem to go away for all deployed applications. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

10 years, 6 months

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira November 2013