[JBoss JIRA] (WFCORE-442) AbstractMultiTargetHandler-based handlers do not propagate failures to the top level failure-description
by Brian Stansberry (JIRA)
[ https://issues.jboss.org/browse/WFCORE-442?page=com.atlassian.jira.plugin... ]
Brian Stansberry updated WFCORE-442:
------------------------------------
Description:
An example is worth a thousand words:
{code}
[standalone@localhost:9990 /] /path=*:query(where={read-only=1})
{
"outcome" => "failed",
"result" => [
{
"address" => [("path" => "jboss.server.temp.dir")],
"outcome" => "failed",
"result" => {
"name" => "jboss.server.temp.dir",
"path" => "/Users/hbraun/dev/prj/wildfly-core/core-build/target/wildfly-core-1.0.0.Alpha14-SNAPSHOT/standalone/tmp",
"read-only" => true,
"relative-to" => undefined
},
"rolled-back" => true
},
{
"address" => [("path" => "user.home")],
"outcome" => "failed",
"result" => {
"name" => "user.home",
"path" => "/Users/hbraun",
"read-only" => true,
"relative-to" => undefined
},
"rolled-back" => true
},
{
"address" => [("path" => "jboss.server.base.dir")],
"outcome" => "failed",
"result" => {
"name" => "jboss.server.base.dir",
"path" => "/Users/hbraun/dev/prj/wildfly-core/core-build/target/wildfly-core-1.0.0.Alpha14-SNAPSHOT/standalone",
"read-only" => true,
"relative-to" => undefined
},
"rolled-back" => true
},
{
"address" => [("path" => "java.home")],
"outcome" => "failed",
"result" => {
"name" => "java.home",
"path" => "/Library/Java/JavaVirtualMachines/jdk1.7.0_67.jdk/Contents/Home/jre",
"read-only" => true,
"relative-to" => undefined
},
"rolled-back" => true
},
{
"address" => [("path" => "user.dir")],
"outcome" => "failed",
"result" => {
"name" => "user.dir",
"path" => "/Users/hbraun/dev/prj/wildfly-core/core-build/target/wildfly-core-1.0.0.Alpha14-SNAPSHOT",
"read-only" => true,
"relative-to" => undefined
},
"rolled-back" => true
},
{
"address" => [("path" => "jboss.server.data.dir")],
"outcome" => "failed",
"result" => {
"name" => "jboss.server.data.dir",
"path" => "/Users/hbraun/dev/prj/wildfly-core/core-build/target/wildfly-core-1.0.0.Alpha14-SNAPSHOT/standalone/data",
"read-only" => true,
"relative-to" => undefined
},
"rolled-back" => true
},
{
"address" => [("path" => "jboss.home.dir")],
"outcome" => "failed",
"result" => {
"name" => "jboss.home.dir",
"path" => "/Users/hbraun/dev/prj/wildfly-core/core-build/target/wildfly-core-1.0.0.Alpha14-SNAPSHOT",
"read-only" => true,
"relative-to" => undefined
},
"rolled-back" => true
},
{
"address" => [("path" => "jboss.server.log.dir")],
"outcome" => "failed",
"result" => {
"name" => "jboss.server.log.dir",
"path" => "/Users/hbraun/dev/prj/wildfly-core/core-build/target/wildfly-core-1.0.0.Alpha14-SNAPSHOT/standalone/log",
"read-only" => true,
"relative-to" => undefined
},
"rolled-back" => true
},
{
"address" => [("path" => "jboss.server.config.dir")],
"outcome" => "failed",
"result" => {
"name" => "jboss.server.config.dir",
"path" => "/Users/hbraun/dev/prj/wildfly-core/core-build/target/wildfly-core-1.0.0.Alpha14-SNAPSHOT/standalone/configuration",
"read-only" => true,
"relative-to" => undefined
},
"rolled-back" => true
},
{
"address" => [("path" => "jboss.controller.temp.dir")],
"outcome" => "failed",
"result" => {
"name" => "jboss.controller.temp.dir",
"path" => "/Users/hbraun/dev/prj/wildfly-core/core-build/target/wildfly-core-1.0.0.Alpha14-SNAPSHOT/standalone/tmp",
"read-only" => true,
"relative-to" => undefined
},
"failure-description" => "Illegal argument for attribute 'read-only'. Expected type BOOLEAN",
"rolled-back" => true
}
],
"rolled-back" => true
}
{code}
One item in the set has a failure description but the overall response does not.
ReadResourceDescriptionHandler handles similar things but has logic for creating an overall failure-description.
was:
An example is worth a thousand words:
{code]
[standalone@localhost:9990 /] /path=*:query(where={read-only=1})
{
"outcome" => "failed",
"result" => [
{
"address" => [("path" => "jboss.server.temp.dir")],
"outcome" => "failed",
"result" => {
"name" => "jboss.server.temp.dir",
"path" => "/Users/hbraun/dev/prj/wildfly-core/core-build/target/wildfly-core-1.0.0.Alpha14-SNAPSHOT/standalone/tmp",
"read-only" => true,
"relative-to" => undefined
},
"rolled-back" => true
},
{
"address" => [("path" => "user.home")],
"outcome" => "failed",
"result" => {
"name" => "user.home",
"path" => "/Users/hbraun",
"read-only" => true,
"relative-to" => undefined
},
"rolled-back" => true
},
{
"address" => [("path" => "jboss.server.base.dir")],
"outcome" => "failed",
"result" => {
"name" => "jboss.server.base.dir",
"path" => "/Users/hbraun/dev/prj/wildfly-core/core-build/target/wildfly-core-1.0.0.Alpha14-SNAPSHOT/standalone",
"read-only" => true,
"relative-to" => undefined
},
"rolled-back" => true
},
{
"address" => [("path" => "java.home")],
"outcome" => "failed",
"result" => {
"name" => "java.home",
"path" => "/Library/Java/JavaVirtualMachines/jdk1.7.0_67.jdk/Contents/Home/jre",
"read-only" => true,
"relative-to" => undefined
},
"rolled-back" => true
},
{
"address" => [("path" => "user.dir")],
"outcome" => "failed",
"result" => {
"name" => "user.dir",
"path" => "/Users/hbraun/dev/prj/wildfly-core/core-build/target/wildfly-core-1.0.0.Alpha14-SNAPSHOT",
"read-only" => true,
"relative-to" => undefined
},
"rolled-back" => true
},
{
"address" => [("path" => "jboss.server.data.dir")],
"outcome" => "failed",
"result" => {
"name" => "jboss.server.data.dir",
"path" => "/Users/hbraun/dev/prj/wildfly-core/core-build/target/wildfly-core-1.0.0.Alpha14-SNAPSHOT/standalone/data",
"read-only" => true,
"relative-to" => undefined
},
"rolled-back" => true
},
{
"address" => [("path" => "jboss.home.dir")],
"outcome" => "failed",
"result" => {
"name" => "jboss.home.dir",
"path" => "/Users/hbraun/dev/prj/wildfly-core/core-build/target/wildfly-core-1.0.0.Alpha14-SNAPSHOT",
"read-only" => true,
"relative-to" => undefined
},
"rolled-back" => true
},
{
"address" => [("path" => "jboss.server.log.dir")],
"outcome" => "failed",
"result" => {
"name" => "jboss.server.log.dir",
"path" => "/Users/hbraun/dev/prj/wildfly-core/core-build/target/wildfly-core-1.0.0.Alpha14-SNAPSHOT/standalone/log",
"read-only" => true,
"relative-to" => undefined
},
"rolled-back" => true
},
{
"address" => [("path" => "jboss.server.config.dir")],
"outcome" => "failed",
"result" => {
"name" => "jboss.server.config.dir",
"path" => "/Users/hbraun/dev/prj/wildfly-core/core-build/target/wildfly-core-1.0.0.Alpha14-SNAPSHOT/standalone/configuration",
"read-only" => true,
"relative-to" => undefined
},
"rolled-back" => true
},
{
"address" => [("path" => "jboss.controller.temp.dir")],
"outcome" => "failed",
"result" => {
"name" => "jboss.controller.temp.dir",
"path" => "/Users/hbraun/dev/prj/wildfly-core/core-build/target/wildfly-core-1.0.0.Alpha14-SNAPSHOT/standalone/tmp",
"read-only" => true,
"relative-to" => undefined
},
"failure-description" => "Illegal argument for attribute 'read-only'. Expected type BOOLEAN",
"rolled-back" => true
}
],
"rolled-back" => true
}
{code}
One item in the set has a failure description but the overall response does not.
ReadResourceDescriptionHandler handles similar things but has logic for creating an overall failure-description.
> AbstractMultiTargetHandler-based handlers do not propagate failures to the top level failure-description
> --------------------------------------------------------------------------------------------------------
>
> Key: WFCORE-442
> URL: https://issues.jboss.org/browse/WFCORE-442
> Project: WildFly Core
> Issue Type: Bug
> Components: Domain Management
> Affects Versions: 1.0.0.Alpha13
> Reporter: Brian Stansberry
>
> An example is worth a thousand words:
> {code}
> [standalone@localhost:9990 /] /path=*:query(where={read-only=1})
> {
> "outcome" => "failed",
> "result" => [
> {
> "address" => [("path" => "jboss.server.temp.dir")],
> "outcome" => "failed",
> "result" => {
> "name" => "jboss.server.temp.dir",
> "path" => "/Users/hbraun/dev/prj/wildfly-core/core-build/target/wildfly-core-1.0.0.Alpha14-SNAPSHOT/standalone/tmp",
> "read-only" => true,
> "relative-to" => undefined
> },
> "rolled-back" => true
> },
> {
> "address" => [("path" => "user.home")],
> "outcome" => "failed",
> "result" => {
> "name" => "user.home",
> "path" => "/Users/hbraun",
> "read-only" => true,
> "relative-to" => undefined
> },
> "rolled-back" => true
> },
> {
> "address" => [("path" => "jboss.server.base.dir")],
> "outcome" => "failed",
> "result" => {
> "name" => "jboss.server.base.dir",
> "path" => "/Users/hbraun/dev/prj/wildfly-core/core-build/target/wildfly-core-1.0.0.Alpha14-SNAPSHOT/standalone",
> "read-only" => true,
> "relative-to" => undefined
> },
> "rolled-back" => true
> },
> {
> "address" => [("path" => "java.home")],
> "outcome" => "failed",
> "result" => {
> "name" => "java.home",
> "path" => "/Library/Java/JavaVirtualMachines/jdk1.7.0_67.jdk/Contents/Home/jre",
> "read-only" => true,
> "relative-to" => undefined
> },
> "rolled-back" => true
> },
> {
> "address" => [("path" => "user.dir")],
> "outcome" => "failed",
> "result" => {
> "name" => "user.dir",
> "path" => "/Users/hbraun/dev/prj/wildfly-core/core-build/target/wildfly-core-1.0.0.Alpha14-SNAPSHOT",
> "read-only" => true,
> "relative-to" => undefined
> },
> "rolled-back" => true
> },
> {
> "address" => [("path" => "jboss.server.data.dir")],
> "outcome" => "failed",
> "result" => {
> "name" => "jboss.server.data.dir",
> "path" => "/Users/hbraun/dev/prj/wildfly-core/core-build/target/wildfly-core-1.0.0.Alpha14-SNAPSHOT/standalone/data",
> "read-only" => true,
> "relative-to" => undefined
> },
> "rolled-back" => true
> },
> {
> "address" => [("path" => "jboss.home.dir")],
> "outcome" => "failed",
> "result" => {
> "name" => "jboss.home.dir",
> "path" => "/Users/hbraun/dev/prj/wildfly-core/core-build/target/wildfly-core-1.0.0.Alpha14-SNAPSHOT",
> "read-only" => true,
> "relative-to" => undefined
> },
> "rolled-back" => true
> },
> {
> "address" => [("path" => "jboss.server.log.dir")],
> "outcome" => "failed",
> "result" => {
> "name" => "jboss.server.log.dir",
> "path" => "/Users/hbraun/dev/prj/wildfly-core/core-build/target/wildfly-core-1.0.0.Alpha14-SNAPSHOT/standalone/log",
> "read-only" => true,
> "relative-to" => undefined
> },
> "rolled-back" => true
> },
> {
> "address" => [("path" => "jboss.server.config.dir")],
> "outcome" => "failed",
> "result" => {
> "name" => "jboss.server.config.dir",
> "path" => "/Users/hbraun/dev/prj/wildfly-core/core-build/target/wildfly-core-1.0.0.Alpha14-SNAPSHOT/standalone/configuration",
> "read-only" => true,
> "relative-to" => undefined
> },
> "rolled-back" => true
> },
> {
> "address" => [("path" => "jboss.controller.temp.dir")],
> "outcome" => "failed",
> "result" => {
> "name" => "jboss.controller.temp.dir",
> "path" => "/Users/hbraun/dev/prj/wildfly-core/core-build/target/wildfly-core-1.0.0.Alpha14-SNAPSHOT/standalone/tmp",
> "read-only" => true,
> "relative-to" => undefined
> },
> "failure-description" => "Illegal argument for attribute 'read-only'. Expected type BOOLEAN",
> "rolled-back" => true
> }
> ],
> "rolled-back" => true
> }
> {code}
> One item in the set has a failure description but the overall response does not.
> ReadResourceDescriptionHandler handles similar things but has logic for creating an overall failure-description.
--
This message was sent by Atlassian JIRA
(v6.3.8#6338)
11 years, 7 months
[JBoss JIRA] (WFLY-2850) AJP connector with external authentication
by Sylvain Brouillat (JIRA)
[ https://issues.jboss.org/browse/WFLY-2850?page=com.atlassian.jira.plugin.... ]
Sylvain Brouillat commented on WFLY-2850:
-----------------------------------------
Here are the full steps to be able to retreive the remote_user from front end server (like apache). Hope this will help someone.
In my case, I don't want to use JAAS on wildfly side, and let apache take care of all the authentication.
Indeed, if you just put in web.xml :
<login-config>
<auth-method>EXTERNAL</auth-method>
</login-config>
You'll get forbidden message from undertow.
This is because ExternalAuthenticationMechanism use the default wildfly LoginModule that try to authenticate to default Realm.
All you need to do is using the ClientLoginModule (see https://docs.jboss.org/author/display/WFLY8/Security+subsystem+configuration) specifying your own security domain. Add the following to standalone.xml to add a security domain using ClientLoginModule :
<security-domain name="mySecurityDomain" cache-type="default">
<authentication>
<login-module code="Client" flag="optional">
</login-module>
</authentication>
</security-domain>
Then, tell your war file to use mySecurityDomain as security-domain adding a jboss-web.xml file to the WEB-INF/ directory. jboss-web.xml looks like :
<?xml version="1.0" encoding="UTF-8"?>
<jboss-web>
<security-domain>mySecurityDomain</security-domain>
</jboss-web>
Actually, ClientLoginModule just put your principal and credential into securityContext without authenticating the user to any realm, so that HttpServletRequest impl (io.undertow.servlet.spec.HttpServletRequestImpl) can retreive the remote user from the security context when you call HttpServletRequest.getRemoteUser().
> AJP connector with external authentication
> ------------------------------------------
>
> Key: WFLY-2850
> URL: https://issues.jboss.org/browse/WFLY-2850
> Project: WildFly
> Issue Type: Feature Request
> Components: Web (Undertow)
> Affects Versions: 8.0.0.CR1
> Reporter: Geert Coelmont
> Assignee: Stuart Douglas
> Priority: Critical
> Fix For: 8.1.0.CR2, 8.1.0.Final
>
>
> Tomcat allows to set the tomcatAuthentication attribute of the AJP connector to false to allow external web servers (e.g. apache httpd) to handle the authentication and pass that along.
> A similar option was added recently to JBossWeb as well (see WFLY-254), but JBossWeb has been replaced by Undertow. With Undertow this option isn't available as far as I can see.
> For me this is a critical problem as there is currently no way I can do negotiated (SPNEGO) authentication from within WildFly+Undertow. (See also WFLY-2404).
--
This message was sent by Atlassian JIRA
(v6.3.8#6338)
11 years, 7 months
[JBoss JIRA] (WFLY-4146) Cache add operation should automatically create its child resources
by Paul Ferraro (JIRA)
Paul Ferraro created WFLY-4146:
----------------------------------
Summary: Cache add operation should automatically create its child resources
Key: WFLY-4146
URL: https://issues.jboss.org/browse/WFLY-4146
Project: WildFly
Issue Type: Enhancement
Components: Clustering
Affects Versions: 9.0.0.Alpha1
Reporter: Paul Ferraro
Assignee: Paul Ferraro
There is effectively no difference between the behavior of a cache that does not contain a given child resource (e.g. transaction, locking, etc) and one that contains the child resource, but with default attribute values.
Consequently, the cache add operation should automatically create these resources (and the cache remove operation should automatically remove them). We can treat the child add operations as no-ops, and the child remove operations as a series of undefine-attribute operations.
--
This message was sent by Atlassian JIRA
(v6.3.8#6338)
11 years, 7 months