[JBoss JIRA] (WFLY-3932) Enable security manager via JBoss Modules
by David Lloyd (JIRA)
[ https://issues.jboss.org/browse/WFLY-3932?page=com.atlassian.jira.plugin.... ]
David Lloyd commented on WFLY-3932:
-----------------------------------
Only the main modules (standalone, domain server, and domain host) need to import the dependency with services.
> Enable security manager via JBoss Modules
> -----------------------------------------
>
> Key: WFLY-3932
> URL: https://issues.jboss.org/browse/WFLY-3932
> Project: WildFly
> Issue Type: Feature Request
> Components: Security Manager
> Reporter: James Perkins
> Assignee: James Perkins
>
> In WildFly Core the security manager can be enabled via the {{-secmgr}} argument or setting the {{SECMGR=true}} environment variable. In order for this change to work correctly the {{WildFlySecurityManager.install()}} needs to be disabled.
> Also all modules that declare a dependency on {{org.wildfly.security.manager}} need to export the services.
> Tests need to be updated to use the {{-secmgr}} argument rather than {{-Djava.security.manager}}.
--
This message was sent by Atlassian JIRA
(v6.3.1#6329)
10 years
[JBoss JIRA] (ELY-43) Clean up Base64
by Jason Greene (JIRA)
[ https://issues.jboss.org/browse/ELY-43?page=com.atlassian.jira.plugin.sys... ]
Jason Greene commented on ELY-43:
---------------------------------
It's up to you guys if you want the code. (I would just copy the source for now if so). I more just wanted you to know it existed, and it had been already tested and tuned.
> Clean up Base64
> ---------------
>
> Key: ELY-43
> URL: https://issues.jboss.org/browse/ELY-43
> Project: WildFly Elytron
> Issue Type: Feature Request
> Components: Utils
> Reporter: Darran Lofthouse
> Assignee: Farah Juma
> Fix For: 1.0.0.Beta1
>
>
> The Base64 implementation has been split out of PasswordUtils some additional steps are needed to finish cleaning it up: -
> - Look at switching to input and output streams instead of the custom iterators it is using.
> - Consider the ByteStringBuilder from SASL
> - As potentially more visible ensure clearer method names.
> - Ensure adequate javadoc and cross referencing of standards supported.
> e.g. If we implement an RFC ensure the number is referenced.
> - Testing of each variant
> - Consider optional support, e.g. decoding a padded String
> - Go beyond testing we can decode what we encode and ensure pre-encoded values can be handled adequately.
> Any other clean up here that seems relevant.
--
This message was sent by Atlassian JIRA
(v6.3.1#6329)
10 years
[JBoss JIRA] (WFCORE-94) Add -secmgr to startup scripts and propagate -secmgr through the domain
by James Perkins (JIRA)
[ https://issues.jboss.org/browse/WFCORE-94?page=com.atlassian.jira.plugin.... ]
James Perkins updated WFCORE-94:
--------------------------------
Summary: Add -secmgr to startup scripts and propagate -secmgr through the domain (was: Add MODULE_OPTS to startup scripts and propagate -secmgr through the domain)
> Add -secmgr to startup scripts and propagate -secmgr through the domain
> -----------------------------------------------------------------------
>
> Key: WFCORE-94
> URL: https://issues.jboss.org/browse/WFCORE-94
> Project: WildFly Core
> Issue Type: Feature Request
> Components: Domain Management, Scripts
> Reporter: Kabir Khan
> Assignee: James Perkins
> Fix For: 1.0.0.Alpha9
>
>
> The preferred mechanism to enable a security manager is to use the -secmgr module option. Modify the scripts to make this easier to add, and make adjustments to propagate this through the domain.
> The -secmgr module option is not visible from the launched process, so for the process controller and host controller to pass that on to the started host controller or server process respectively, a check is added to see if a security manager was enabeld. If a security manager is enabled, and -Djava.security.manager is not present in the system properties, we add the -secmgr module option when starting the next process.
--
This message was sent by Atlassian JIRA
(v6.3.1#6329)
10 years
[JBoss JIRA] (WFLY-3932) Enable security manager via JBoss Modules
by James Perkins (JIRA)
James Perkins created WFLY-3932:
-----------------------------------
Summary: Enable security manager via JBoss Modules
Key: WFLY-3932
URL: https://issues.jboss.org/browse/WFLY-3932
Project: WildFly
Issue Type: Feature Request
Components: Security Manager
Reporter: James Perkins
Assignee: James Perkins
In WildFly Core the security manager can be enabled via the {{-secmgr}} argument or setting the {{SECMGR=true}} environment variable. In order for this change to work correctly the {{WildFlySecurityManager.install()}} needs to be disabled.
Also all modules that declare a dependency on {{org.wildfly.security.manager}} need to export the services.
Tests need to be updated to use the {{-secmgr}} argument rather than {{-Djava.security.manager}}.
--
This message was sent by Atlassian JIRA
(v6.3.1#6329)
10 years
[JBoss JIRA] (WFLY-3925) JAX-RS bean implemented as Stateless is destroyed after response
by Stuart Douglas (JIRA)
[ https://issues.jboss.org/browse/WFLY-3925?page=com.atlassian.jira.plugin.... ]
Stuart Douglas commented on WFLY-3925:
--------------------------------------
Unfortunately it is impossible to provide a 'reasonable' default, as what is reasonable for one app will be a massive performance bottleneck on others.
Also modern JVM GC is much better than in the past, depending on the EJB (and if it does any expensive initialisation) allocation+GC can actually be cheaper than pooling (as pooling uses locks / atomics, which are relatively expensive).
> JAX-RS bean implemented as Stateless is destroyed after response
> ----------------------------------------------------------------
>
> Key: WFLY-3925
> URL: https://issues.jboss.org/browse/WFLY-3925
> Project: WildFly
> Issue Type: Bug
> Affects Versions: 8.1.0.Final
> Reporter: Sergio Samayoa
> Assignee: Jason Greene
>
> A JAX-RS bean implemented as stateless EJB is destroyed after response is sent.
--
This message was sent by Atlassian JIRA
(v6.3.1#6329)
10 years
[JBoss JIRA] (WFLY-3931) Custom formatter property changes not written to, but overriden by logging.properties
by James Perkins (JIRA)
[ https://issues.jboss.org/browse/WFLY-3931?page=com.atlassian.jira.plugin.... ]
James Perkins updated WFLY-3931:
--------------------------------
Workaround Description: Use the CLI {{write-attribute}} operation to write new properties.
> Custom formatter property changes not written to, but overriden by logging.properties
> -------------------------------------------------------------------------------------
>
> Key: WFLY-3931
> URL: https://issues.jboss.org/browse/WFLY-3931
> Project: WildFly
> Issue Type: Bug
> Components: Logging
> Affects Versions: 8.1.0.Final
> Environment: Wildfly 8.1.0.Final
> Reporter: Vsevolod Golovanov
> Assignee: James Perkins
>
> When you first add custom formatter with properties to standalone.xml, on server start property values get correctly resolved and written to logging.properties.
> If you change property values in standalone.xml of an existing custom formatter, that was flushed to logging.properties before, then on the next server start new values don't get written to logging.properties and formatter instance gets the old values from logging.properties.
> For properties with static values that are defined in standalone.xml there is a workaround: change the custom formatter name each time you change a property value.
> But with more dynamic properties, e.g. that rely on system properties, it's not so simple...
--
This message was sent by Atlassian JIRA
(v6.3.1#6329)
10 years