[JBoss JIRA] (ELY-126) Consider adding credential verification to realm API
by David Lloyd (JIRA)
[ https://issues.jboss.org/browse/ELY-126?page=com.atlassian.jira.plugin.sy... ]
David Lloyd commented on ELY-126:
---------------------------------
Here's a proposal API:
{code}
public interface RealmIdentity {
// [...]
/**
* Verify the given credential. The result is one of the following:
* <ul>
* <li>{@link VerificationResult#DENIED} - the credential is not valid</li>
* <li>{@link VerificationResult#UNVERIFIED} - the credential is not supported or could not be verified; retry with another credential type</li>
* <li>{@link VerificationResult#VERIFIED} - the credential is valid and verified</li>
* </ul>
*
* @param credential the credential to verify
* @return the non-{@code null} verification result
*/
VerificationResult verifyCredential(Object credential);
// [...]
}
{code}
It does require that realms all support this method, which at the least would have to support {{char[]}} credentials for password verification.
> Consider adding credential verification to realm API
> ----------------------------------------------------
>
> Key: ELY-126
> URL: https://issues.jboss.org/browse/ELY-126
> Project: WildFly Elytron
> Issue Type: Feature Request
> Components: API / SPI, Realms
> Reporter: David Lloyd
>
> Some realms may not be able to acquire credentials. These realms will need a verification API (not like the old verification API though).
--
This message was sent by Atlassian JIRA
(v6.3.8#6338)
10 years
[JBoss JIRA] (WFCORE-455) Include additional sun.jdk dependencies
by Mustafa Musaji (JIRA)
[ https://issues.jboss.org/browse/WFCORE-455?page=com.atlassian.jira.plugin... ]
Mustafa Musaji commented on WFCORE-455:
---------------------------------------
Oracle JDK 1.7
> Include additional sun.jdk dependencies
> ----------------------------------------
>
> Key: WFCORE-455
> URL: https://issues.jboss.org/browse/WFCORE-455
> Project: WildFly Core
> Issue Type: Bug
> Components: Modules
> Affects Versions: 1.0.0.Alpha14
> Reporter: Mustafa Musaji
> Assignee: David Lloyd
>
> Include the following out of the box for sun.jdk module
> - for working with javax.sql.rowset.RowSetProvider
> <path name="com/sun/rowset"/>
> <path name="com/sun/rowset/providers"/>
> - for working with java.lang.invoke.MethodHandleProxies
> <path name="sun/invoke"/>
> This affects EAP customers using CP releases when overlays override changes made in the original module.xml. For sun.jdk classes, the above packages should be included out of the box.
--
This message was sent by Atlassian JIRA
(v6.3.8#6338)
10 years
[JBoss JIRA] (ELY-126) Consider adding credential verification to realm API
by David Lloyd (JIRA)
[ https://issues.jboss.org/browse/ELY-126?page=com.atlassian.jira.plugin.sy... ]
David Lloyd edited comment on ELY-126 at 12/10/14 12:06 PM:
------------------------------------------------------------
Here's a proposal API:
{code:java}
public interface RealmIdentity {
// [...]
/**
* Verify the given credential. The result is one of the following:
* <ul>
* <li>{@link VerificationResult#DENIED} - the credential is not valid</li>
* <li>{@link VerificationResult#UNVERIFIED} - the credential is not supported or could not be verified; retry with another credential type</li>
* <li>{@link VerificationResult#VERIFIED} - the credential is valid and verified</li>
* </ul>
*
* @param credential the credential to verify
* @return the non-{@code null} verification result
*/
VerificationResult verifyCredential(Object credential);
// [...]
}
{code}
It does require that realms all support this method, which at the least would have to support {{char[]}} credentials for password verification.
was (Author: dmlloyd):
Here's a proposal API:
{code}
public interface RealmIdentity {
// [...]
/**
* Verify the given credential. The result is one of the following:
* <ul>
* <li>{@link VerificationResult#DENIED} - the credential is not valid</li>
* <li>{@link VerificationResult#UNVERIFIED} - the credential is not supported or could not be verified; retry with another credential type</li>
* <li>{@link VerificationResult#VERIFIED} - the credential is valid and verified</li>
* </ul>
*
* @param credential the credential to verify
* @return the non-{@code null} verification result
*/
VerificationResult verifyCredential(Object credential);
// [...]
}
{code}
It does require that realms all support this method, which at the least would have to support {{char[]}} credentials for password verification.
> Consider adding credential verification to realm API
> ----------------------------------------------------
>
> Key: ELY-126
> URL: https://issues.jboss.org/browse/ELY-126
> Project: WildFly Elytron
> Issue Type: Feature Request
> Components: API / SPI, Realms
> Reporter: David Lloyd
>
> Some realms may not be able to acquire credentials. These realms will need a verification API (not like the old verification API though).
--
This message was sent by Atlassian JIRA
(v6.3.8#6338)
10 years
[JBoss JIRA] (DROOLS-664) Implement xpath notation in drools constraints
by Mario Fusco (JIRA)
Mario Fusco created DROOLS-664:
----------------------------------
Summary: Implement xpath notation in drools constraints
Key: DROOLS-664
URL: https://issues.jboss.org/browse/DROOLS-664
Project: Drools
Issue Type: Feature Request
Reporter: Mario Fusco
Assignee: Mario Fusco
It is required to allow an xpath notation in drools constraints like the following:
{code}
Person( $pet : /pets )
{code}
that is formally equivalent to the more verbose:
{code}
Person( $pets : pets )
$pet : Pet() from $pets
{code}
It should be also possible to have conditions filtering the collection like in:
{code}
Person( $pet : /pets[ age == 5 ] )
{code}
corresponding to:
{code}
Person( $pets : pets )
$pet : Pet(age == 5) from $pets
{code}
Of course also multiple indirections has to be allowed, so the following:
{code}
Man( $toy : /wife/children/toys )
{code}
will be equivalent to:
{code}
$man: Man( $wife: wife )
$child: Child() from $wife.children
$toy: Toy() from $child.toys
{code}
In this case the xpath notation will also allow to flatten the 2 from nodes in a single one that will internally flatten the collection of collections. Since it is necessary to distinguish the case when we want to iterate a collection from the case when we want to bind the collection as a whole it is possible to mix the collection iteration operator '/' and the simple dereferencing operator '.' as in:
{code}
Man( $toys : /wife/children.toys )
{code}
In this last case this pattern binds each List<Toy> for each child as a whole, so this is equivalent to:
{code}
$man: Man( $wife: wife )
Child( $toys: toys ) from $wife.children
{code}
--
This message was sent by Atlassian JIRA
(v6.3.8#6338)
10 years
[JBoss JIRA] (WFCORE-57) Deprecated resource is present in r-r-d of /subsystem=security/security-domain=*
by RH Bugzilla Integration (JIRA)
[ https://issues.jboss.org/browse/WFCORE-57?page=com.atlassian.jira.plugin.... ]
RH Bugzilla Integration commented on WFCORE-57:
-----------------------------------------------
Emmanuel Hugonnet (ehsavoie) <ehugonne(a)redhat.com> changed the Status of [bug 1070214|https://bugzilla.redhat.com/show_bug.cgi?id=1070214] from ASSIGNED to POST
> Deprecated resource is present in r-r-d of /subsystem=security/security-domain=*
> --------------------------------------------------------------------------------
>
> Key: WFCORE-57
> URL: https://issues.jboss.org/browse/WFCORE-57
> Project: WildFly Core
> Issue Type: Enhancement
> Components: Domain Management
> Affects Versions: 1.0.0.Alpha4
> Reporter: Harald Pehl
> Assignee: Emmanuel Hugonnet
> Priority: Minor
> Fix For: 1.0.0.Alpha9
>
>
> When executing
> {code}
> /subsystem=security/security-domain=*:read-resource-description(recursive-depth=2)
> {code}
> the acl subresource contains both the deprecated child-resource {{login-module}} and the new one called {{acl-module}}:
> {code}
> ...
> "acl" => {
> "description" => "Access control list configuration. Configures a list of ACL modules to be used.",
> "model-description" => {"classic" => {
> "description" => "Access control list configuration. Configures a list of ACL modules to be used.",
> ...
> "operations" => undefined,
> "children" => {
> "acl-module" => {
> "description" => "ACL module",
> "model-description" => {"*" => {
> "description" => "List of authentication modules",
> ...
> "operations" => undefined,
> "children" => {}
> }}
> },
> "login-module" => {
> "description" => "Login module",
> "model-description" => {"*" => undefined}
> }
> }
> }}
> },
> ...
> {code}
> However the deprecated subresource {{login-modules}} should only appear if setting {{include-aliases=true}}
--
This message was sent by Atlassian JIRA
(v6.3.8#6338)
10 years
[JBoss JIRA] (WFCORE-456) Add a content-stream attribute to the root deployment=* resources
by Brian Stansberry (JIRA)
Brian Stansberry created WFCORE-456:
---------------------------------------
Summary: Add a content-stream attribute to the root deployment=* resources
Key: WFCORE-456
URL: https://issues.jboss.org/browse/WFCORE-456
Project: WildFly Core
Issue Type: Feature Request
Components: Domain Management
Reporter: Brian Stansberry
Add a new attribute to the deployment resource that allows the user to get a stream with the deployment content attached to the response, a la what we do with the subsystem=logging/log-file=* resource's "stream" attribute.
The attribute must be configured as runtime-only and read-only.
The read handler that handles the attribute should only attach a stream if the following conditions are met, otherwise the value for the attribute should remain as 'undefined'.
1) The resource's "content" attribute has only a single element in the list. (This is always the case today; adding a check for this is just future proofing)
2) The first element in the "content" attribute list has a defined value in its "hash" field. (This confirms the content is stored in the content repo. We won't support serving unmanaged content as we have insufficient control over it.)
3) The first element in the "content" attribute list has a 'true' as value of its "archive" field. (Current this will always be the case; this is future proofing for when we add support for exploded content in the content repo. Trying to assemble a stream from exploded content is currently out of scope for this feature.)
--
This message was sent by Atlassian JIRA
(v6.3.8#6338)
10 years
[JBoss JIRA] (WFCORE-309) system properties are trim()'d and loose whitespace
by Emmanuel Hugonnet (JIRA)
[ https://issues.jboss.org/browse/WFCORE-309?page=com.atlassian.jira.plugin... ]
Emmanuel Hugonnet commented on WFCORE-309:
------------------------------------------
Need to take value that can be expression into account
> system properties are trim()'d and loose whitespace
> ---------------------------------------------------
>
> Key: WFCORE-309
> URL: https://issues.jboss.org/browse/WFCORE-309
> Project: WildFly Core
> Issue Type: Bug
> Components: Domain Management
> Reporter: Tom Fonteyne
> Assignee: Emmanuel Hugonnet
> Fix For: 1.0.0.Beta1
>
>
> When a system property was defined as:
> /system-property=foo:add(value=" spaces ");
> it gets written with the correct spaces around it to the configuration file.
> When the configuration is read the value gets trimmed and the prefix/suffix of spaces is lost.
--
This message was sent by Atlassian JIRA
(v6.3.8#6338)
10 years
[JBoss JIRA] (DROOLS-635) NPE thrown intermittently in multi-threading environment
by Mario Fusco (JIRA)
[ https://issues.jboss.org/browse/DROOLS-635?page=com.atlassian.jira.plugin... ]
Mario Fusco resolved DROOLS-635.
--------------------------------
Resolution: Cannot Reproduce Bug
> NPE thrown intermittently in multi-threading environment
> --------------------------------------------------------
>
> Key: DROOLS-635
> URL: https://issues.jboss.org/browse/DROOLS-635
> Project: Drools
> Issue Type: Bug
> Affects Versions: 6.1.0.Final, 6.2.0.Beta1, 6.2.0.CR1
> Reporter: John Le
> Assignee: Mario Fusco
>
> Below is the stacktrace for the NPE, it appears to be an issue when accumulate function is called under multi-threading condition. Please look at the remove function in the RightTupleIndexHashTable.java file. The remove function does not appear to have proper null checking around the "current" object.
> public void remove(final RightTuple rightTuple) {
> RightTupleList memory = rightTuple.getMemory();
> memory.remove( rightTuple );
> this.factSize--;
> if ( memory.first == null ) {
> final int index = indexOf( memory.hashCode(),
> this.table.length );
> RightTupleList previous = null;
> RightTupleList current = (RightTupleList) this.table[index];
> while ( current != memory ) {
> previous = current;
> current = (RightTupleList) current.getNext();
> }
> if ( previous != null ) {
> previous.next = current.next;
> } else {
> this.table[index] = current.next;
> }
> this.size--;
> }
> rightTuple.clear();
> }
> Stacktrace:
> java.lang.NullPointerException
> org.drools.core.util.index.RightTupleIndexHashTable.remove(RightTupleIndexHashTable.java:389)
> org.drools.core.phreak.RuleNetworkEvaluator.doUpdatesReorderRightMemory(RuleNetworkEvaluator.java:855)
> org.drools.core.phreak.PhreakJoinNode.doNode(PhreakJoinNode.java:43)
> org.drools.core.phreak.RuleNetworkEvaluator.switchOnDoBetaNode(RuleNetworkEvaluator.java:548)
> org.drools.core.phreak.RuleNetworkEvaluator.evalBetaNode(RuleNetworkEvaluator.java:534)
> org.drools.core.phreak.RuleNetworkEvaluator.innerEval(RuleNetworkEvaluator.java:334)
> org.drools.core.phreak.RuleNetworkEvaluator.outerEval(RuleNetworkEvaluator.java:161)
> org.drools.core.phreak.RuleNetworkEvaluator.evaluateNetwork(RuleNetworkEvaluator.java:116)
> org.drools.core.phreak.RuleExecutor.reEvaluateNetwork(RuleExecutor.java:230)
> org.drools.core.phreak.RuleExecutor.evaluateNetworkAndFire(RuleExecutor.java:103)
> org.drools.core.common.DefaultAgenda.fireNextItem(DefaultAgenda.java:988)
> org.drools.core.common.DefaultAgenda.fireAllRules(DefaultAgenda.java:1274)
> org.drools.core.impl.StatefulKnowledgeSessionImpl.fireAllRules(StatefulKnowledgeSessionImpl.java:1284)
> org.drools.core.impl.StatefulKnowledgeSessionImpl.fireAllRules(StatefulKnowledgeSessionImpl.java:1257)
--
This message was sent by Atlassian JIRA
(v6.3.8#6338)
10 years
[JBoss JIRA] (WFLY-4171) Provide an html5 archetype for wildfly
by Fred Bricon (JIRA)
Fred Bricon created WFLY-4171:
---------------------------------
Summary: Provide an html5 archetype for wildfly
Key: WFLY-4171
URL: https://issues.jboss.org/browse/WFLY-4171
Project: WildFly
Issue Type: Feature Request
Reporter: Fred Bricon
Assignee: Rafael Benevides
We'd like to provide a Wildfly-ified version of the html5 archetype in JBoss Central, for JBoss Tools and Developer Studio, The current version we serve right now are :
* org.jboss.aerogear.archetypes:jboss-html5-mobile-archetype:7.1.3.Final
* org.jboss.archetype.wfk:jboss-html5-mobile-archetype:2.6.0.Final
--
This message was sent by Atlassian JIRA
(v6.3.8#6338)
10 years