[JBoss JIRA] (WFLY-2848) Pull the username from LDAP in security realms
by Darran Lofthouse (JIRA)
Darran Lofthouse created WFLY-2848:
--------------------------------------
Summary: Pull the username from LDAP in security realms
Key: WFLY-2848
URL: https://issues.jboss.org/browse/WFLY-2848
Project: WildFly
Issue Type: Task
Security Level: Public (Everyone can see)
Components: Domain Management, Security
Reporter: Darran Lofthouse
Assignee: Darran Lofthouse
Fix For: 8.0.0.Final
The user could have entered the username in a different case to what is stored in LDAP, a simple reload of their username using the attribute will correct this.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
10 years, 4 months
[JBoss JIRA] (DROOLS-402) Programmatic rule update fails
by Mario Fusco (JIRA)
[ https://issues.jboss.org/browse/DROOLS-402?page=com.atlassian.jira.plugin... ]
Mario Fusco resolved DROOLS-402.
--------------------------------
Fix Version/s: 6.1.0.Beta1
Resolution: Done
There was a small bug when using the default releaseId. Fixed.
> Programmatic rule update fails
> ------------------------------
>
> Key: DROOLS-402
> URL: https://issues.jboss.org/browse/DROOLS-402
> Project: Drools
> Issue Type: Bug
> Security Level: Public(Everyone can see)
> Affects Versions: 6.0.1.Final
> Environment: Windows 7
> Reporter: Markus Tippmann
> Assignee: Mario Fusco
> Fix For: 6.1.0.Beta1
>
> Attachments: drools.test.zip
>
>
> Programmatic construction of a kmodule and updating its rules fails with different problems.
> I attach a small Maven project which runs 3 tests (one succeeds just for demonstration). I hope I'm doing correctly here on kmodule construction.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
10 years, 4 months
[JBoss JIRA] (WFLY-2847) Caller's security identity doesn't get propagated by default
by Matus Abaffy (JIRA)
Matus Abaffy created WFLY-2847:
----------------------------------
Summary: Caller's security identity doesn't get propagated by default
Key: WFLY-2847
URL: https://issues.jboss.org/browse/WFLY-2847
Project: WildFly
Issue Type: Bug
Security Level: Public (Everyone can see)
Components: EJB, Security
Affects Versions: 8.0.0.CR1
Reporter: Matus Abaffy
Assignee: David Lloyd
3 session beans: @RunAs("printer") Printer, which calls HelperBean (no security annotations), which calls @RolesAllowed("printer") Toner. The last invocation results in
{{javax.ejb.EJBAccessException: JBAS014502: Invocation on method: public void org.jboss.as.test.integration.ejb.security.runas.propagation.Toner.spill() of bean: Toner is not allowed}}
Printer calling Toner (directly) works just fine. And if the HelperBean is a CDI managed bean, it works just fine too.
According to EJB spec, 12 Security management, 12.1 Overview:
bq. "By default, the caller principal will be propagated as the caller identity. The Bean Provider can use the RunAs annotation to specify that a security principal that has been assigned to a specified security role be used instead. See Section 12.3.4."
12.3.4 Specification of Security Identities in the Deployment Descriptor:
bq. "The Bean Provider or Application Assembler typically specifies whether the caller’s security identity should be used for the execution of the methods of an enterprise bean or whether a specific run-as identity should be used. By default the caller’s security identity is used."
etc.
{code}
@RunAs("printer")
@PermitAll
public class Printer {
@EJB
HelperBean hb;
public void invokeHelperBean() {
hb.invokeToner();
}
}
{code}
{code}
@Stateful
public class HelperBean {
@EJB
Toner toner;
public void invokeToner() {
toner.spill();
}
}
{code}
{code}
@Stateless
@RolesAllowed("printer")
public class Toner {
public void spill() {}
}
{code}
A bit sophisticated test available at: https://github.com/bafco/wildfly/commits/securityContext
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
10 years, 4 months
[JBoss JIRA] (DROOLS-364) ClasspathKieProject fails vfs: path for jar deployments and exploded ear
by Mario Fusco (JIRA)
[ https://issues.jboss.org/browse/DROOLS-364?page=com.atlassian.jira.plugin... ]
Mario Fusco reassigned DROOLS-364:
----------------------------------
Assignee: Mario Fusco (was: Mark Proctor)
> ClasspathKieProject fails vfs: path for jar deployments and exploded ear
> ------------------------------------------------------------------------
>
> Key: DROOLS-364
> URL: https://issues.jboss.org/browse/DROOLS-364
> Project: Drools
> Issue Type: Bug
> Security Level: Public(Everyone can see)
> Affects Versions: 6.0.0.Final
> Environment: JBoss AS 7.1.1
> Reporter: Nicolas-Xavier Vanderlinden
> Assignee: Mario Fusco
> Attachments: jbossas-deploy-reproducer.zip, windows-jboss-as-deploy-server.log
>
>
> Drools is not able to load kmodule.xml from an exploded ear.
> 17:24:45,116 WARN Unable to load pom.properties tried recursing down from\Project\Geline\jboss-as-7.1.1.Final\standalone\deployments\geline.ear\service-impl-1.4.0-SNAPcontent
> null
> 17:24:45,116 ERROR Unable to build index of kmodule.xml url=vfs:/E:/Project/Geline/jboss-as-7.1.1.Final/standalone/deployments/geline.ear/service-impl-1.4.0-SNAPSHOT.jar/META-INF/kmodule.xml
> null
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
10 years, 4 months
[JBoss JIRA] (DROOLS-364) ClasspathKieProject fails vfs: path for jar deployments and exploded ear
by Mario Fusco (JIRA)
[ https://issues.jboss.org/browse/DROOLS-364?page=com.atlassian.jira.plugin... ]
Mario Fusco resolved DROOLS-364.
--------------------------------
Fix Version/s: 6.1.0.Beta1
Resolution: Done
> ClasspathKieProject fails vfs: path for jar deployments and exploded ear
> ------------------------------------------------------------------------
>
> Key: DROOLS-364
> URL: https://issues.jboss.org/browse/DROOLS-364
> Project: Drools
> Issue Type: Bug
> Security Level: Public(Everyone can see)
> Affects Versions: 6.0.0.Final
> Environment: JBoss AS 7.1.1
> Reporter: Nicolas-Xavier Vanderlinden
> Assignee: Mario Fusco
> Fix For: 6.1.0.Beta1
>
> Attachments: jbossas-deploy-reproducer.zip, windows-jboss-as-deploy-server.log
>
>
> Drools is not able to load kmodule.xml from an exploded ear.
> 17:24:45,116 WARN Unable to load pom.properties tried recursing down from\Project\Geline\jboss-as-7.1.1.Final\standalone\deployments\geline.ear\service-impl-1.4.0-SNAPcontent
> null
> 17:24:45,116 ERROR Unable to build index of kmodule.xml url=vfs:/E:/Project/Geline/jboss-as-7.1.1.Final/standalone/deployments/geline.ear/service-impl-1.4.0-SNAPSHOT.jar/META-INF/kmodule.xml
> null
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
10 years, 4 months
[JBoss JIRA] (DROOLS-364) ClasspathKieProject fails vfs: path for jar deployments and exploded ear
by RH Bugzilla Integration (JIRA)
[ https://issues.jboss.org/browse/DROOLS-364?page=com.atlassian.jira.plugin... ]
RH Bugzilla Integration commented on DROOLS-364:
------------------------------------------------
Mario Fusco <mfusco(a)redhat.com> changed the Status of [bug 1058254|https://bugzilla.redhat.com/show_bug.cgi?id=1058254] from ASSIGNED to MODIFIED
> ClasspathKieProject fails vfs: path for jar deployments and exploded ear
> ------------------------------------------------------------------------
>
> Key: DROOLS-364
> URL: https://issues.jboss.org/browse/DROOLS-364
> Project: Drools
> Issue Type: Bug
> Security Level: Public(Everyone can see)
> Affects Versions: 6.0.0.Final
> Environment: JBoss AS 7.1.1
> Reporter: Nicolas-Xavier Vanderlinden
> Assignee: Mark Proctor
> Attachments: jbossas-deploy-reproducer.zip, windows-jboss-as-deploy-server.log
>
>
> Drools is not able to load kmodule.xml from an exploded ear.
> 17:24:45,116 WARN Unable to load pom.properties tried recursing down from\Project\Geline\jboss-as-7.1.1.Final\standalone\deployments\geline.ear\service-impl-1.4.0-SNAPcontent
> null
> 17:24:45,116 ERROR Unable to build index of kmodule.xml url=vfs:/E:/Project/Geline/jboss-as-7.1.1.Final/standalone/deployments/geline.ear/service-impl-1.4.0-SNAPSHOT.jar/META-INF/kmodule.xml
> null
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
10 years, 4 months
[JBoss JIRA] (DROOLS-418) MVEL Unable to resolve method exception on fact update
by Davide Sottara (JIRA)
[ https://issues.jboss.org/browse/DROOLS-418?page=com.atlassian.jira.plugin... ]
Davide Sottara resolved DROOLS-418.
-----------------------------------
Resolution: Rejected
> MVEL Unable to resolve method exception on fact update
> ------------------------------------------------------
>
> Key: DROOLS-418
> URL: https://issues.jboss.org/browse/DROOLS-418
> Project: Drools
> Issue Type: Bug
> Security Level: Public(Everyone can see)
> Affects Versions: 5.5.0.Final
> Environment: Linux Mint 15
> Jboss 5.1
> Reporter: Nedo Nedic
> Assignee: Mark Proctor
> Attachments: Classifier.xls
>
>
> The following rule will fail with an exception after update is called on a fact:
> rule "Classifier"
> no-loop true
> salience 65430
> when
> $sn:Snort(sig_priority == "1", type == null)
> then
> $sn.setType("LOW");
> update($sn);
> end
> Snort fact type declaration:
> declare Snort
> @role( event )
> @timestamp( event_date )
> @expires( 1h )
> dport: String
> data: String
> sport: String
> hostname: String
> type: String
> sig_priority: String
> sensor: String
> id: java.lang.Long
> sig_class_name: String
> ip_dst: String
> sig_name: String
> event_date: java.util.Date
> ip_src: String
> end
> [Error: unable to resolve method: java.util.ArrayList.type() [arglength=0]]
> [Near : {... type == "LOW" ....}]
> ^
> [Line: 1, Column: 1]
> at org.mvel2.optimizers.impl.refl.ReflectiveAccessorOptimizer.getMethod(ReflectiveAccessorOptimizer.java:1071)
> at org.mvel2.optimizers.impl.refl.ReflectiveAccessorOptimizer.getMethod(ReflectiveAccessorOptimizer.java:980)
> at org.mvel2.optimizers.impl.refl.ReflectiveAccessorOptimizer.getBeanProperty(ReflectiveAccessorOptimizer.java:670)
> at org.mvel2.optimizers.impl.refl.ReflectiveAccessorOptimizer.getBeanPropertyAO(ReflectiveAccessorOptimizer.java:465)
> at org.mvel2.optimizers.impl.refl.ReflectiveAccessorOptimizer.compileGetChain(ReflectiveAccessorOptimizer.java:370)
> at org.mvel2.optimizers.impl.refl.ReflectiveAccessorOptimizer.optimizeAccessor(ReflectiveAccessorOptimizer.java:140)
> at org.mvel2.ast.ASTNode.optimize(ASTNode.java:159)
> at org.mvel2.ast.ASTNode.getReducedValueAccelerated(ASTNode.java:115)
> at org.mvel2.ast.BinaryOperation.getReducedValueAccelerated(BinaryOperation.java:114)
> at org.mvel2.MVELRuntime.execute(MVELRuntime.java:86)
> at org.mvel2.compiler.CompiledExpression.getDirectValue(CompiledExpression.java:123)
> at org.mvel2.compiler.CompiledExpression.getValue(CompiledExpression.java:119)
> at org.mvel2.MVEL.executeExpression(MVEL.java:930)
> at org.drools.rule.constraint.MvelConditionEvaluator.evaluate(MvelConditionEvaluator.java:73)
> at org.drools.rule.constraint.MvelConditionEvaluator.evaluate(MvelConditionEvaluator.java:52)
> at org.drools.rule.constraint.MvelConstraint.evaluate(MvelConstraint.java:218)
> at org.drools.rule.constraint.MvelConstraint.isAllowed(MvelConstraint.java:175)
> at org.drools.reteoo.AccumulateNode.evaluateResultConstraints(AccumulateNode.java:655)
> at org.drools.reteoo.ReteooWorkingMemory$EvaluateResultConstraints.execute(ReteooWorkingMemory.java:594)
> at org.drools.common.PropagationContextImpl.evaluateActionQueue(PropagationContextImpl.java:364)
> at org.drools.common.NamedEntryPoint.insert(NamedEntryPoint.java:371)
> at org.drools.common.NamedEntryPoint.insert(NamedEntryPoint.java:327)
> at org.drools.common.AbstractWorkingMemory.insert(AbstractWorkingMemory.java:950)
> at org.drools.common.AbstractWorkingMemory.insert(AbstractWorkingMemory.java:894)
> at org.drools.impl.StatefulKnowledgeSessionImpl.insert(StatefulKnowledgeSessionImpl.java:269)
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
10 years, 4 months
[JBoss JIRA] (DROOLS-418) MVEL Unable to resolve method exception on fact update
by Davide Sottara (JIRA)
[ https://issues.jboss.org/browse/DROOLS-418?page=com.atlassian.jira.plugin... ]
Davide Sottara commented on DROOLS-418:
---------------------------------------
No problem. I will close this ticket.
> MVEL Unable to resolve method exception on fact update
> ------------------------------------------------------
>
> Key: DROOLS-418
> URL: https://issues.jboss.org/browse/DROOLS-418
> Project: Drools
> Issue Type: Bug
> Security Level: Public(Everyone can see)
> Affects Versions: 5.5.0.Final
> Environment: Linux Mint 15
> Jboss 5.1
> Reporter: Nedo Nedic
> Assignee: Mark Proctor
> Attachments: Classifier.xls
>
>
> The following rule will fail with an exception after update is called on a fact:
> rule "Classifier"
> no-loop true
> salience 65430
> when
> $sn:Snort(sig_priority == "1", type == null)
> then
> $sn.setType("LOW");
> update($sn);
> end
> Snort fact type declaration:
> declare Snort
> @role( event )
> @timestamp( event_date )
> @expires( 1h )
> dport: String
> data: String
> sport: String
> hostname: String
> type: String
> sig_priority: String
> sensor: String
> id: java.lang.Long
> sig_class_name: String
> ip_dst: String
> sig_name: String
> event_date: java.util.Date
> ip_src: String
> end
> [Error: unable to resolve method: java.util.ArrayList.type() [arglength=0]]
> [Near : {... type == "LOW" ....}]
> ^
> [Line: 1, Column: 1]
> at org.mvel2.optimizers.impl.refl.ReflectiveAccessorOptimizer.getMethod(ReflectiveAccessorOptimizer.java:1071)
> at org.mvel2.optimizers.impl.refl.ReflectiveAccessorOptimizer.getMethod(ReflectiveAccessorOptimizer.java:980)
> at org.mvel2.optimizers.impl.refl.ReflectiveAccessorOptimizer.getBeanProperty(ReflectiveAccessorOptimizer.java:670)
> at org.mvel2.optimizers.impl.refl.ReflectiveAccessorOptimizer.getBeanPropertyAO(ReflectiveAccessorOptimizer.java:465)
> at org.mvel2.optimizers.impl.refl.ReflectiveAccessorOptimizer.compileGetChain(ReflectiveAccessorOptimizer.java:370)
> at org.mvel2.optimizers.impl.refl.ReflectiveAccessorOptimizer.optimizeAccessor(ReflectiveAccessorOptimizer.java:140)
> at org.mvel2.ast.ASTNode.optimize(ASTNode.java:159)
> at org.mvel2.ast.ASTNode.getReducedValueAccelerated(ASTNode.java:115)
> at org.mvel2.ast.BinaryOperation.getReducedValueAccelerated(BinaryOperation.java:114)
> at org.mvel2.MVELRuntime.execute(MVELRuntime.java:86)
> at org.mvel2.compiler.CompiledExpression.getDirectValue(CompiledExpression.java:123)
> at org.mvel2.compiler.CompiledExpression.getValue(CompiledExpression.java:119)
> at org.mvel2.MVEL.executeExpression(MVEL.java:930)
> at org.drools.rule.constraint.MvelConditionEvaluator.evaluate(MvelConditionEvaluator.java:73)
> at org.drools.rule.constraint.MvelConditionEvaluator.evaluate(MvelConditionEvaluator.java:52)
> at org.drools.rule.constraint.MvelConstraint.evaluate(MvelConstraint.java:218)
> at org.drools.rule.constraint.MvelConstraint.isAllowed(MvelConstraint.java:175)
> at org.drools.reteoo.AccumulateNode.evaluateResultConstraints(AccumulateNode.java:655)
> at org.drools.reteoo.ReteooWorkingMemory$EvaluateResultConstraints.execute(ReteooWorkingMemory.java:594)
> at org.drools.common.PropagationContextImpl.evaluateActionQueue(PropagationContextImpl.java:364)
> at org.drools.common.NamedEntryPoint.insert(NamedEntryPoint.java:371)
> at org.drools.common.NamedEntryPoint.insert(NamedEntryPoint.java:327)
> at org.drools.common.AbstractWorkingMemory.insert(AbstractWorkingMemory.java:950)
> at org.drools.common.AbstractWorkingMemory.insert(AbstractWorkingMemory.java:894)
> at org.drools.impl.StatefulKnowledgeSessionImpl.insert(StatefulKnowledgeSessionImpl.java:269)
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
10 years, 4 months