November 2014 - jboss-jira - Jboss List Archives

[JBoss JIRA] (WFCORE-276) whoami operation failed when rbac enabled but no roles assigned

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/WFCORE-276?page=com.atlassian.jira.plugin... ] Darran Lofthouse resolved WFCORE-276. ------------------------------------- Resolution: Won't Fix Marking as 'Won't Fix' as this failure is happening during the validation of a low level command, the recommended approach is to use a high level command. Within the CLI a high level command 'connection-info' already exists which amongst other things outputs the resulting role information from whoami so there is no benefit in adding another high level command to duplicate this. > whoami operation failed when rbac enabled but no roles assigned > --------------------------------------------------------------- > > Key: WFCORE-276 > URL: https://issues.jboss.org/browse/WFCORE-276 > Project: WildFly Core > Issue Type: Bug > Components: CLI, Domain Management > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Fix For: 1.0.0.Alpha14 > > > Need to double check this is either the CLI making a call in addition to the whoami op and that call is failing or something being accessed by whoami is causing the failure. > Here is the failure for a user with no roles: - > {noformat} > [standalone@localhost:9990 /] [darranl@localhost bin]$ ./jboss-cli.sh -c --no-local-auth > Authenticating against security realm: ManagementRealm > Username: UserTwo > Password: > [standalone@localhost:9990 /] :whoami > { > "outcome" => "success", > "result" => {"identity" => { > "username" => "UserTwo", > "realm" => "ManagementRealm" > }} > } > [standalone@localhost:9990 /] :whoami(verbose=true) > Failed to get the list of the operation properties: "WFLYCTL0313: Unauthorized to execute operation 'read-operation-description' for resource '[]' -- "WFLYCTL0332: Permission denied"" > [standalone@localhost:9990 /] > {noformat} -- This message was sent by Atlassian JIRA (v6.3.8#6338)

9 years, 7 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-275) Migrate some RBAC tests from WildFly full to core

by Emmanuel Hugonnet (JIRA)

[ https://issues.jboss.org/browse/WFCORE-275?page=com.atlassian.jira.plugin... ] Emmanuel Hugonnet commented on WFCORE-275: ------------------------------------------ AccessConstraintUtilizationTestCase -- non-core ApplicationTypeTestCase -- core -- create a variant using logging StandardRolesBasicTestCase -- core-ish -- replace war, figure out jmx, add extension to replace ds -- CliInterfaceStandardRolesBasicTestCase -- core -- HttpInterfaceStandardRolesBasicTestCase -- core -- NativeInterfaceStandardRolesBasicTestCase -- core -- Jmx2ndInterfaceStandardRolesBasicTestCase ??? -- JmxInterfaceStandardRolesBasicTestCase ??? DeploymentScannerTestCase -- core; replace sar IncludeAllRoleTestCase -- core JmxNonSensitiveTestCase -- with jmx JmxSensitiveTestCase -- with jmx LdapRoleMappingG2UTestCase -- core LdapRoleMappingU2GTestCase -- core PermissionsCoverageTestCase -- core and full ReadResourceDescriptionVsActualOperationTestCase -- core, but meh RejectingCombinationPolicyTestCase -- core RoleMappingRuntimeReconfigurationTestCase -- core RolesIntegrityCheckingTestCase -- core ValidateAddressOrOperationTestCase -- core; replace DS VaultExpressionSensitivityTestCase -- core; replace DS > Migrate some RBAC tests from WildFly full to core > ------------------------------------------------- > > Key: WFCORE-275 > URL: https://issues.jboss.org/browse/WFCORE-275 > Project: WildFly Core > Issue Type: Task > Components: Test Suite > Affects Versions: 1.0.0.Alpha13 > Reporter: Emmanuel Hugonnet > Assignee: Emmanuel Hugonnet > > All RBAC integration testing is currently done in the WILDFLY project whereas the code is in WFCORE. Migrate some tests which are not related to the RBAC usage in WILDFLY to WFCORE. -- This message was sent by Atlassian JIRA (v6.3.8#6338)

9 years, 7 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-279) Upgrade to JBoss Remoting after 4.0.5.Final

by Darran Lofthouse (JIRA)

Darran Lofthouse created WFCORE-279: --------------------------------------- Summary: Upgrade to JBoss Remoting after 4.0.5.Final Key: WFCORE-279 URL: https://issues.jboss.org/browse/WFCORE-279 Project: WildFly Core Issue Type: Component Upgrade Components: Remoting Reporter: Darran Lofthouse Assignee: David Lloyd Fix For: 1.0.0.Alpha14 -- This message was sent by Atlassian JIRA (v6.3.8#6338)

9 years, 7 months

1
0
0 / 0

[JBoss JIRA] (WFLY-3285) Domain directory properties only work on specific operating systems

by RH Bugzilla Integration (JIRA)

[ https://issues.jboss.org/browse/WFLY-3285?page=com.atlassian.jira.plugin.... ] RH Bugzilla Integration commented on WFLY-3285: ----------------------------------------------- Jason T. Greene <jason.greene(a)redhat.com> changed the Status of [bug 1091198|https://bugzilla.redhat.com/show_bug.cgi?id=1091198] from POST to MODIFIED > Domain directory properties only work on specific operating systems > ------------------------------------------------------------------- > > Key: WFLY-3285 > URL: https://issues.jboss.org/browse/WFLY-3285 > Project: WildFly > Issue Type: Bug > Components: Scripts > Affects Versions: 8.1.0.CR1 > Reporter: Dennis Reed > Assignee: Tomaz Cerar > > domain.sh only parses -Djboss.domain.base.dir, -Djboss.domain.log.dir, and -Djboss.domain.config.dir (used to set -Dlogging.configuration and -Dorg.jboss.boot.log.file) on Linux, Solaris, and OS X. > It does not attempt to parse these (and therefore does not set the logging properties correctly) on any other OS, including AIX. -- This message was sent by Atlassian JIRA (v6.3.8#6338)

9 years, 7 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-160) Bash scripts should not attempt to expand argument properties

by RH Bugzilla Integration (JIRA)

[ https://issues.jboss.org/browse/WFCORE-160?page=com.atlassian.jira.plugin... ] RH Bugzilla Integration commented on WFCORE-160: ------------------------------------------------ Jason T. Greene <jason.greene(a)redhat.com> changed the Status of [bug 1145960|https://bugzilla.redhat.com/show_bug.cgi?id=1145960] from POST to MODIFIED > Bash scripts should not attempt to expand argument properties > ------------------------------------------------------------- > > Key: WFCORE-160 > URL: https://issues.jboss.org/browse/WFCORE-160 > Project: WildFly Core > Issue Type: Bug > Components: Scripts > Reporter: James Perkins > Assignee: James Perkins > Fix For: 1.0.0.Alpha10 > > > Scripts that parse the command line arguments use a pattern like > {code} > while [ "$#" -gt 0 ] > do > case "$1" in > *) > CLI_OPTS="$CLI_OPTS \"$1\"" > ;; > esac > shift > done > {code} > The {{CLI_OPTS="$CLI_OPTS \"$1\""}} should be {{CLI_OPTS="$CLI_OPTS '$1'"}} -- This message was sent by Atlassian JIRA (v6.3.8#6338)

9 years, 7 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-278) Revisit error message for an authentication failure.

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/WFCORE-278?page=com.atlassian.jira.plugin... ] Darran Lofthouse moved WFLY-3208 to WFCORE-278: ----------------------------------------------- Project: WildFly Core (was: WildFly) Key: WFCORE-278 (was: WFLY-3208) Issue Type: Bug (was: Task) Affects Version/s: (was: 8.0.0.Final) Component/s: CLI Domain Management Remoting Security (was: CLI) (was: Domain Management) (was: Remoting) (was: Security) Fix Version/s: 1.0.0.Alpha14 (was: 9.0.0.Beta1) > Revisit error message for an authentication failure. > ---------------------------------------------------- > > Key: WFCORE-278 > URL: https://issues.jboss.org/browse/WFCORE-278 > Project: WildFly Core > Issue Type: Bug > Components: CLI, Domain Management, Remoting, Security > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Fix For: 1.0.0.Alpha14 > > > After authentication fails in the CLI the following error message is output: - > {code} > Unable to authenticate against controller at localhost:9990: Authentication failed: the server presented no authentication mechanisms > {code} > This text is a bit misleading, what it actually means is all mechanisms presented have either been excluded or attempted and now no further mechanisms are available to try. -- This message was sent by Atlassian JIRA (v6.3.8#6338)

9 years, 7 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-276) whoami operation failed when rbac enabled but no roles assigned

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/WFCORE-276?page=com.atlassian.jira.plugin... ] Darran Lofthouse updated WFCORE-276: ------------------------------------ Description: Need to double check this is either the CLI making a call in addition to the whoami op and that call is failing or something being accessed by whoami is causing the failure. Here is the failure for a user with no roles: - {noformat} [standalone@localhost:9990 /] [darranl@localhost bin]$ ./jboss-cli.sh -c --no-local-auth Authenticating against security realm: ManagementRealm Username: UserTwo Password: [standalone@localhost:9990 /] :whoami { "outcome" => "success", "result" => {"identity" => { "username" => "UserTwo", "realm" => "ManagementRealm" }} } [standalone@localhost:9990 /] :whoami(verbose=true) Failed to get the list of the operation properties: "WFLYCTL0313: Unauthorized to execute operation 'read-operation-description' for resource '[]' -- "WFLYCTL0332: Permission denied"" [standalone@localhost:9990 /] {noformat} was:Need to double check this is either the CLI making a call in addition to the whoami op and that call is failing or something being accessed by whoami is causing the failure. > whoami operation failed when rbac enabled but no roles assigned > --------------------------------------------------------------- > > Key: WFCORE-276 > URL: https://issues.jboss.org/browse/WFCORE-276 > Project: WildFly Core > Issue Type: Bug > Components: CLI, Domain Management > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Fix For: 1.0.0.Alpha14 > > > Need to double check this is either the CLI making a call in addition to the whoami op and that call is failing or something being accessed by whoami is causing the failure. > Here is the failure for a user with no roles: - > {noformat} > [standalone@localhost:9990 /] [darranl@localhost bin]$ ./jboss-cli.sh -c --no-local-auth > Authenticating against security realm: ManagementRealm > Username: UserTwo > Password: > [standalone@localhost:9990 /] :whoami > { > "outcome" => "success", > "result" => {"identity" => { > "username" => "UserTwo", > "realm" => "ManagementRealm" > }} > } > [standalone@localhost:9990 /] :whoami(verbose=true) > Failed to get the list of the operation properties: "WFLYCTL0313: Unauthorized to execute operation 'read-operation-description' for resource '[]' -- "WFLYCTL0332: Permission denied"" > [standalone@localhost:9990 /] > {noformat} -- This message was sent by Atlassian JIRA (v6.3.8#6338)

9 years, 7 months

1
0
0 / 0

[JBoss JIRA] (WFLY-4116) WAR deployment fails on missing security domain dependency

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/WFLY-4116?page=com.atlassian.jira.plugin.... ] Darran Lofthouse resolved WFLY-4116. ------------------------------------ Resolution: Rejected > WAR deployment fails on missing security domain dependency > ---------------------------------------------------------- > > Key: WFLY-4116 > URL: https://issues.jboss.org/browse/WFLY-4116 > Project: WildFly > Issue Type: Feature Request > Components: Security, Web (JBoss Web), Web (Undertow) > Affects Versions: 8.2.0.Final > Environment: Standalone form-based authentication WAR > Reporter: Lars Hellgren > Assignee: Darran Lofthouse > Fix For: 8.2.0.Final > > > Moving WARs using form based authentication from WildFly 8.1 Final to 8.2 Final fails due to a missing security domain dependency. > *Log* > {noformat} > service jboss.security.security-domain.java:/jaas/haa-portal (missing) dependents: > [service jboss.deployment.unit."haa-security-manager.war".component.SecurityManagerRepositorySessionBean.CREATE, > service jboss.deployment.unit."haa-security-manager.war".component.UserPrefsRepository.CREATE] > {noformat} > *jboss-web.xml* > {code:xml} > <jboss-web> > <security-domain>java:/jaas/haa-portal</security-domain> > </jboss-web> > {code} > *standalone.xml* > {code:xml} > <subsystem xmlns="urn:jboss:domain:security:1.2"> > <security-domains> > ... > <security-domain name="haa-portal"> > <authentication> > <login-module code="Database" flag="required"> > ... > </login-module> > </authentication> > </security-domain> > </security-domains> > </subsystem> > {code} > The datasource is deployed and connected. -- This message was sent by Atlassian JIRA (v6.3.8#6338)

9 years, 7 months

1
0
0 / 0

[JBoss JIRA] (WFLY-4116) WAR deployment fails on missing security domain dependency

by Lars Hellgren (JIRA)

[ https://issues.jboss.org/browse/WFLY-4116?page=com.atlassian.jira.plugin.... ] Lars Hellgren commented on WFLY-4116: ------------------------------------- Jaikiran, Thank you. Lars On Fri, Nov 21, 2014 at 9:23 PM, jaikiran pai (JIRA) <issues(a)jboss.org> > WAR deployment fails on missing security domain dependency > ---------------------------------------------------------- > > Key: WFLY-4116 > URL: https://issues.jboss.org/browse/WFLY-4116 > Project: WildFly > Issue Type: Feature Request > Components: Security, Web (JBoss Web), Web (Undertow) > Affects Versions: 8.2.0.Final > Environment: Standalone form-based authentication WAR > Reporter: Lars Hellgren > Assignee: Darran Lofthouse > Fix For: 8.2.0.Final > > > Moving WARs using form based authentication from WildFly 8.1 Final to 8.2 Final fails due to a missing security domain dependency. > *Log* > {noformat} > service jboss.security.security-domain.java:/jaas/haa-portal (missing) dependents: > [service jboss.deployment.unit."haa-security-manager.war".component.SecurityManagerRepositorySessionBean.CREATE, > service jboss.deployment.unit."haa-security-manager.war".component.UserPrefsRepository.CREATE] > {noformat} > *jboss-web.xml* > {code:xml} > <jboss-web> > <security-domain>java:/jaas/haa-portal</security-domain> > </jboss-web> > {code} > *standalone.xml* > {code:xml} > <subsystem xmlns="urn:jboss:domain:security:1.2"> > <security-domains> > ... > <security-domain name="haa-portal"> > <authentication> > <login-module code="Database" flag="required"> > ... > </login-module> > </authentication> > </security-domain> > </security-domains> > </subsystem> > {code} > The datasource is deployed and connected. -- This message was sent by Atlassian JIRA (v6.3.8#6338)

9 years, 7 months

1
0
0 / 0

[JBoss JIRA] (JBMETA-381) DefaultPropertyReplacer can't handle ${:} expression

by Brian Stansberry (JIRA)

Brian Stansberry created JBMETA-381: --------------------------------------- Summary: DefaultPropertyReplacer can't handle ${:} expression Key: JBMETA-381 URL: https://issues.jboss.org/browse/JBMETA-381 Project: JBoss Metadata Issue Type: Bug Components: common Reporter: Brian Stansberry Assignee: Brian Stansberry Priority: Minor If the string "${:}" is passed to default property replacer, it does not parse it as indicating File.pathSeparator; rather it treats it as the default delimiter. ${:} resolves to an empty string. a${:} resolves to a ${:}a resolves to a -- This message was sent by Atlassian JIRA (v6.3.8#6338)

9 years, 7 months

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira November 2014