[JBoss JIRA] (WFLY-2169) Add support to change various Undertow options through WildFly in standalone.xml
by Stuart Douglas (JIRA)
[ https://issues.jboss.org/browse/WFLY-2169?page=com.atlassian.jira.plugin.... ]
Stuart Douglas reassigned WFLY-2169:
------------------------------------
Assignee: Tomaz Cerar (was: Stuart Douglas)
Tomaz, do you mind having a look at this? It should tie in with the other options stuff you were looking at.
> Add support to change various Undertow options through WildFly in standalone.xml
> --------------------------------------------------------------------------------
>
> Key: WFLY-2169
> URL: https://issues.jboss.org/browse/WFLY-2169
> Project: WildFly
> Issue Type: Feature Request
> Components: Web (Undertow)
> Affects Versions: 8.0.0.Alpha4
> Environment: Ubuntu 12.04 LTS, openjdk-7-jdk-7u25-2.3.10-1ubuntu0.12.04.2
> Reporter: Bernd Nigmann
> Assignee: Tomaz Cerar
>
> Undertow's default for the maximum number of HTTP parameter it parses in a GET or POST is 1000:
> {noformat}
> 15:05:41,276 ERROR [io.undertow.request] (default task-17)
> Servlet request failed HttpServerExchange{ POST /***/*******/****}:
> java.lang.IllegalStateException: UT000047: The number of
> parameters exceeded the maximum of 1000
> {noformat}
> In the Undertow sources (https://github.com/undertow-io/undertow/blob/master/core/src/main/java/io...), I found this to be a configurable option: "{{MAX_PARAMETERS}}".
> Please allow changing some of these Undertow options through the WildFly {{standalone.xml}}. Tomaz Cerar asked me to create a ticket for this, based on the referenced forum thread.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
10 years, 7 months
[JBoss JIRA] (WFLY-2180) Thread threads pools inherit security context of submitting threads
by Stuart Douglas (JIRA)
Stuart Douglas created WFLY-2180:
------------------------------------
Summary: Thread threads pools inherit security context of submitting threads
Key: WFLY-2180
URL: https://issues.jboss.org/browse/WFLY-2180
Project: WildFly
Issue Type: Bug
Components: EE, EJB, Server, Web (Undertow)
Affects Versions: 8.0.0.Alpha4
Reporter: Stuart Douglas
Assignee: David Lloyd
Some thread pool implementation will immediately create a new thread if work is submitted and there is not enough threads available to handle it. This newly created thread will inherit the access control context of the thread that is submitting the work, which essentially means that thread pool threads have a random access control context.
This is the root cause of UNDERTOW-102, and likely other security manager related failures as well.
I think that the best way to fix this is in the thread pool itself, as it should create the thread in a privileged block. We obviously cannot do this for JDK thread pools however.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
10 years, 7 months
[JBoss JIRA] (WFLY-2179) Enforce permissions on deployment upload ops
by Brian Stansberry (JIRA)
Brian Stansberry created WFLY-2179:
--------------------------------------
Summary: Enforce permissions on deployment upload ops
Key: WFLY-2179
URL: https://issues.jboss.org/browse/WFLY-2179
Project: WildFly
Issue Type: Sub-task
Components: Domain Management
Affects Versions: 8.0.0.Alpha4
Reporter: Brian Stansberry
Assignee: Brian Stansberry
Fix For: 8.0.0.CR1
The handlers for the upload-deployment-[bytes|stream|url] ops are not triggering any permission checks. This is because they do not affect model and are not accessing the service registry.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
10 years, 7 months
[JBoss JIRA] (JGRP-1708) sun.security.rsa.RSAPrivateCrtKeyImpl cannot be cast to javax.crypto.SecretKey
by shen kim (JIRA)
[ https://issues.jboss.org/browse/JGRP-1708?page=com.atlassian.jira.plugin.... ]
shen kim closed JGRP-1708.
--------------------------
Resolution: Rejected
> sun.security.rsa.RSAPrivateCrtKeyImpl cannot be cast to javax.crypto.SecretKey
> ------------------------------------------------------------------------------
>
> Key: JGRP-1708
> URL: https://issues.jboss.org/browse/JGRP-1708
> Project: JGroups
> Issue Type: Bug
> Environment: JDK1.7 Jgroups3.4.0.Beta1
> Reporter: shen kim
> Assignee: Bela Ban
>
> When I used ENCRYPT with key_store like this:
> <config xmlns="urn:org:jgroups" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:org:jgroups http://www.jgroups.org/schema/JGroups-3.3.xsd">
> <TCP />
> <MPING />
> <MERGE2 />
> <FD />
> <VERIFY_SUSPECT />
> <ENCRYPT key_store_name="server.keystore" store_password="changeit" alias="tomcat"/>
> <pbcast.NAKACK />
> <UNICAST3 />
> <pbcast.GMS />
> <UFC />
> <MFC />
> <STATS />
> <pbcast.STATE_SOCK />
> </config>
> When I start the first Cluster it is OK, but when I start the second Cluster it throw:
> Exception in thread "main" java.lang.ClassCastException: sun.security.rsa.RSAPrivateCrtKeyImpl cannot be cast to javax.crypto.SecretKey
> at org.jgroups.protocols.ENCRYPT.initConfiguredKey(ENCRYPT.java:274)
> at org.jgroups.protocols.ENCRYPT.init(ENCRYPT.java:234)
> at org.jgroups.stack.ProtocolStack.initProtocolStack(ProtocolStack.java:848)
> at org.jgroups.stack.ProtocolStack.setup(ProtocolStack.java:467)
> at org.jgroups.JChannel.init(JChannel.java:830)
> at org.jgroups.JChannel.<init>(JChannel.java:158)
> at org.jgroups.JChannel.<init>(JChannel.java:138)
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
10 years, 7 months