December 2013 - jboss-jira - Jboss List Archives

[JBoss JIRA] (WFLY-459) correct JPA dependency injection (stop injecting javassist)

by Jason Greene (JIRA)

[ https://issues.jboss.org/browse/WFLY-459?page=com.atlassian.jira.plugin.s... ] Jason Greene updated WFLY-459: ------------------------------ Fix Version/s: 8.0.0.Final (was: 8.0.0.CR1) > correct JPA dependency injection (stop injecting javassist) > ----------------------------------------------------------- > > Key: WFLY-459 > URL: https://issues.jboss.org/browse/WFLY-459 > Project: WildFly > Issue Type: Task > Security Level: Public(Everyone can see) > Components: JPA / Hibernate > Reporter: Scott Marlow > Assignee: Scott Marlow > Fix For: 8.0.0.Final > > > Rather than export the javassist dependency, see if we can change javassist to generate proxies for the application classes which aren't on the hibernate module class path. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

10 years, 6 months

1
0
0 / 0

[JBoss JIRA] (WFLY-469) Parent Issue for Java EE 7 Support

by Jason Greene (JIRA)

[ https://issues.jboss.org/browse/WFLY-469?page=com.atlassian.jira.plugin.s... ] Jason Greene updated WFLY-469: ------------------------------ Fix Version/s: 8.0.0.Final (was: 8.0.0.CR1) > Parent Issue for Java EE 7 Support > ---------------------------------- > > Key: WFLY-469 > URL: https://issues.jboss.org/browse/WFLY-469 > Project: WildFly > Issue Type: Task > Security Level: Public(Everyone can see) > Components: EE > Reporter: David Lloyd > Assignee: David Lloyd > Priority: Critical > Fix For: 8.0.0.Final > > > This is the parent issue for tracking tasks related to completing our Java EE 7 support. Do not close the issue unless Jason has given his blessing. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

10 years, 6 months

1
0
0 / 0

[JBoss JIRA] (WFLY-468) Report master SHA1 before pull request gets rebased

by Jason Greene (JIRA)

[ https://issues.jboss.org/browse/WFLY-468?page=com.atlassian.jira.plugin.s... ] Jason Greene updated WFLY-468: ------------------------------ Fix Version/s: 8.0.0.Final (was: 8.0.0.CR1) > Report master SHA1 before pull request gets rebased > --------------------------------------------------- > > Key: WFLY-468 > URL: https://issues.jboss.org/browse/WFLY-468 > Project: WildFly > Issue Type: Task > Security Level: Public(Everyone can see) > Components: Test Suite > Reporter: Thomas Diesler > Assignee: Tomaz Cerar > Fix For: 8.0.0.Final > > > For a successful merge like [this|http://lightning.mw.lab.eng.bos.redhat.com/jenkins/job/as7-param-pul...] I see > {code} > + git init > Initialized empty Git repository in /home/jenkins/jenkins-work/workspace/as7-param-pull/.git/ > + git config user.email jenkins(a)example.com > + git config user.name 'Mr. Jenkins' > + git remote add origin git://github.com/jbossas/jboss-as.git > + git fetch origin master:refs/remotes/origin/master > From git://github.com/jbossas/jboss-as > * [new branch] master -> origin/master > From git://github.com/jbossas/jboss-as > ... > * [new tag] 7.1.2.Final -> 7.1.2.Final > + git fetch origin refs/pull/2593/head > From git://github.com/jbossas/jboss-as > * branch refs/pull/2593/head -> FETCH_HEAD > + git checkout FETCH_HEAD > ... > Checking out files: 100% (9519/9519), done. > Note: checking out 'FETCH_HEAD'. > You are in 'detached HEAD' state. You can look around, make experimental > changes and commit them, and you can discard any commits you make in this > state without impacting any branches by performing another checkout. > If you want to create a new branch to retain commits you create, you may > do so (now or later) by using -b with the checkout command again. Example: > git checkout -b new_branch_name > HEAD is now at 3a64ae5... [AS7-5052] Allow WAR deployments as OSGi bundles > + git rebase origin/master > First, rewinding head to replay your work on top of it... > Applying: [AS7-4918] Registered module using OSGi capability not visible as a bundle > Applying: [AS7-5049] Allow bundles to get resolved/activated during deployment unit processing > Applying: [AS7-5104] Remove no-start behaviour for test bundle deployments > Applying: [AS7-5093] Allow JDBC driver deployments as OSGi bundles > Applying: [AS7-5052] Allow WAR deployments as OSGi bundles > {code} > This tells me that the rebase was ok, but not onto what master revision it happened. Hence I cannot reproduce this run locally. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

10 years, 6 months

1
0
0 / 0

[JBoss JIRA] (WFLY-473) Get rid of external .index files

by Jason Greene (JIRA)

[ https://issues.jboss.org/browse/WFLY-473?page=com.atlassian.jira.plugin.s... ] Jason Greene updated WFLY-473: ------------------------------ Fix Version/s: 8.0.0.Final (was: 8.0.0.CR1) > Get rid of external .index files > -------------------------------- > > Key: WFLY-473 > URL: https://issues.jboss.org/browse/WFLY-473 > Project: WildFly > Issue Type: Task > Security Level: Public(Everyone can see) > Components: Build System > Reporter: David Lloyd > Fix For: 8.0.0.Final > > > The external {{*.index}} files have become a problem for distribution. In 8 we should switch to using internal {{META-INF/PATHS.LIST}} files. These files should be embedded during build. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

10 years, 6 months

1
0
0 / 0

[JBoss JIRA] (WFLY-483) Allow more control over authentication for server to server communication through remote-outbound-connection

by Jason Greene (JIRA)

[ https://issues.jboss.org/browse/WFLY-483?page=com.atlassian.jira.plugin.s... ] Jason Greene updated WFLY-483: ------------------------------ Fix Version/s: 8.0.0.Final (was: 8.0.0.CR1) > Allow more control over authentication for server to server communication through remote-outbound-connection > ------------------------------------------------------------------------------------------------------------ > > Key: WFLY-483 > URL: https://issues.jboss.org/browse/WFLY-483 > Project: WildFly > Issue Type: Sub-task > Security Level: Public(Everyone can see) > Components: Remoting, Security > Reporter: jaikiran pai > Assignee: Darran Lofthouse > Fix For: 8.0.0.Final > > > Right now for server to server communication via a remote-outbound-connection, we expect a static username to be specified (along with the security realm). User applications which use this remote-outbound-connection, for example an EJB application, do not have much control over the user/pass information, since the username is static. This further acts a drawback since the username that's used to connect to the remote server will be used as the (application) user who invoked the EJB. > It would be good to allow more control over the authentication for the remote-outbound-connection. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

10 years, 6 months

1
0
0 / 0

[JBoss JIRA] (WFLY-475) Re-review CLI server certificate acceptance.

by Jason Greene (JIRA)

[ https://issues.jboss.org/browse/WFLY-475?page=com.atlassian.jira.plugin.s... ] Jason Greene updated WFLY-475: ------------------------------ Fix Version/s: 8.0.0.Final (was: 8.0.0.CR1) > Re-review CLI server certificate acceptance. > -------------------------------------------- > > Key: WFLY-475 > URL: https://issues.jboss.org/browse/WFLY-475 > Project: WildFly > Issue Type: Sub-task > Security Level: Public(Everyone can see) > Components: CLI > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Fix For: 8.0.0.Final > > > Can we remove the call loop and manage the user prompt and trust store replacement all within the trust manager? -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

10 years, 6 months

1
0
0 / 0

[JBoss JIRA] (WFLY-485) Review SecurityContext associations

by Jason Greene (JIRA)

[ https://issues.jboss.org/browse/WFLY-485?page=com.atlassian.jira.plugin.s... ] Jason Greene updated WFLY-485: ------------------------------ Fix Version/s: 8.0.0.Final (was: 8.0.0.CR1) > Review SecurityContext associations > ------------------------------------ > > Key: WFLY-485 > URL: https://issues.jboss.org/browse/WFLY-485 > Project: WildFly > Issue Type: Sub-task > Security Level: Public(Everyone can see) > Components: Security > Reporter: Darran Lofthouse > Assignee: David Lloyd > Labels: Security_SPI > Fix For: 8.0.0.Final > > > We should re-review the approach we take for security context association within AS7 containers. > Back at the time of AS 3 it fairly reliable to assume a 1:1 mapping of thread and client with the incoming connection being allocated it's own thread, this is no longer automatically the case and different containers can use different threading models e.g. using Executors to handle asynchronous requests. > The problem with using a ThreadLocal approach is that every time a container diverges from the 1:1 mapping of thread and client that container needs to work around the issue of an invalid SecurityContext association. > One possibility is to pass responsibility for managing the context to the container although this then introduces the question of how it is passed from container to container. This issue needs to consider this further. > Also need to review further how the security context can be created at all entry points to the server and how it can be manually switched now that we use SASL on entry for remote calls we do now have the opportunity for equivalent behaviour at the entry point for both web and ejb type calls - in the past we only had this opportunity for web based calls and would only create a security context on entering the interceptors for the EJB calls. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

10 years, 6 months

1
0
0 / 0

[JBoss JIRA] (WFLY-490) Domain Management Role Based Access Control

by Jason Greene (JIRA)

[ https://issues.jboss.org/browse/WFLY-490?page=com.atlassian.jira.plugin.s... ] Jason Greene updated WFLY-490: ------------------------------ Fix Version/s: 8.0.0.Final (was: 8.0.0.CR1) > Domain Management Role Based Access Control > ------------------------------------------- > > Key: WFLY-490 > URL: https://issues.jboss.org/browse/WFLY-490 > Project: WildFly > Issue Type: Feature Request > Security Level: Public(Everyone can see) > Components: Domain Management, Security > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Priority: Blocker > Labels: Authorization > Fix For: 8.0.0.Final > > > Implement some coarse permissions for domain operations. Possibly allowing a break down for subsystem, profile, server, server-group - maybe read - write - execute. > Also consider confidentiality in exchange e.g. Can read metrics over http but must use https to add new server. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

10 years, 6 months

1
0
0 / 0

[JBoss JIRA] (WFLY-486) Implement Trust for users requesting to run as a different user.

by Jason Greene (JIRA)

[ https://issues.jboss.org/browse/WFLY-486?page=com.atlassian.jira.plugin.s... ] Jason Greene updated WFLY-486: ------------------------------ Fix Version/s: 8.0.0.Final (was: 8.0.0.CR1) > Implement Trust for users requesting to run as a different user. > ---------------------------------------------------------------- > > Key: WFLY-486 > URL: https://issues.jboss.org/browse/WFLY-486 > Project: WildFly > Issue Type: Sub-task > Security Level: Public(Everyone can see) > Components: Remoting, Security > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Fix For: 8.0.0.Final > > > Where SASL is used for authentication users can request to authenticate as themselves but to be authorized to connect to the server as a different user. > A couple of examples where this could be used: - > - A user granting access to another user to log into their account. > - A user with two levels of access e.g. normal and admin and requesting they have admin level access. > Another area we are looking to use this feature is where one server connects to another server but want to be able to run requests on the remote server using the identity of a specified user. > This Jira issue is to enhance the security realms to allow for trust permissions to be defined - initially this will be local to a single realm but will subsequently be opened up to work across different realms. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

10 years, 6 months

1
0
0 / 0

[JBoss JIRA] (WFLY-497) Infinispan thread pool injection

by Jason Greene (JIRA)

[ https://issues.jboss.org/browse/WFLY-497?page=com.atlassian.jira.plugin.s... ] Jason Greene updated WFLY-497: ------------------------------ Fix Version/s: 8.0.0.Final (was: 8.0.0.CR1) > Infinispan thread pool injection > -------------------------------- > > Key: WFLY-497 > URL: https://issues.jboss.org/browse/WFLY-497 > Project: WildFly > Issue Type: Sub-task > Security Level: Public(Everyone can see) > Components: Clustering > Reporter: David Lloyd > Assignee: Paul Ferraro > Fix For: 8.0.0.Final > > -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

10 years, 6 months

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira December 2013