[JBoss JIRA] (WFLY-2904) Add advanced PKCS#11 support to security realms.
by Darran Lofthouse (JIRA)
Darran Lofthouse created WFLY-2904:
--------------------------------------
Summary: Add advanced PKCS#11 support to security realms.
Key: WFLY-2904
URL: https://issues.jboss.org/browse/WFLY-2904
Project: WildFly
Issue Type: Task
Security Level: Public (Everyone can see)
Components: Domain Management, Security
Reporter: Darran Lofthouse
Assignee: Darran Lofthouse
Fix For: 9.0.0.CR1
WFLY-2890 adds basic PKCS#11 support - this issue is to expand it so that the full configuration can be specified within the management model.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
12 years, 5 months
[JBoss JIRA] (WFLY-2903) Create Version 2.1 of the domain management schema
by Darran Lofthouse (JIRA)
Darran Lofthouse created WFLY-2903:
--------------------------------------
Summary: Create Version 2.1 of the domain management schema
Key: WFLY-2903
URL: https://issues.jboss.org/browse/WFLY-2903
Project: WildFly
Issue Type: Task
Security Level: Public (Everyone can see)
Components: Domain Management
Reporter: Darran Lofthouse
Assignee: Darran Lofthouse
Priority: Critical
Fix For: 8.0.1.Final
Before additional configuration changes can be made a new version of the domain management schema is required - it is better to do this in it's own commit instead of a race for the first issue to add it.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
12 years, 5 months
[JBoss JIRA] (WFLY-2902) LockModeType.PESSIMISTIC_WRITE reported as NONE in the logs
by Jari Juslin (JIRA)
Jari Juslin created WFLY-2902:
---------------------------------
Summary: LockModeType.PESSIMISTIC_WRITE reported as NONE in the logs
Key: WFLY-2902
URL: https://issues.jboss.org/browse/WFLY-2902
Project: WildFly
Issue Type: Bug
Security Level: Public (Everyone can see)
Components: JPA / Hibernate
Affects Versions: 8.0.0.CR1
Environment: Ubuntu 13.10, Oracle JVM 1.7.0u51.
Reporter: Jari Juslin
Assignee: Scott Marlow
Priority: Minor
The method getLockModeAsString reports lock mode
LockModeType.PESSIMISTIC_WRITE as "none".
This of course is a cosmetic issue, but highly misleading, considering PESSIMISTIC_WRITE is pretty much on the opposite end of the spectrum from NONE. Ie. looking at the logs it's not possible to know if there was the strictest possible lock or no lock at all.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
12 years, 5 months
[JBoss JIRA] (SECURITY-789) Credential stored in Subject is not propagated to the CredentialIdentity
by Paul Moore (JIRA)
Paul Moore created SECURITY-789:
-----------------------------------
Summary: Credential stored in Subject is not propagated to the CredentialIdentity
Key: SECURITY-789
URL: https://issues.jboss.org/browse/SECURITY-789
Project: PicketBox
Issue Type: Enhancement
Security Level: Public (Everyone can see)
Components: JBossSX
Affects Versions: PicketBox_4_0_20.Final
Environment: Darwin 13.0.2 Darwin Kernel Version 13.0.2: Sun Sep 29 19:38:57 PDT 2013; root:xnu-2422.75.4~1/RELEASE_X86_64
java version "1.7.0_15"
Java(TM) SE Runtime Environment (build 1.7.0_15-b03)
Java HotSpot(TM) 64-Bit Server VM (build 23.7-b01, mixed mode)
Wildfly-8.0.0.Final-SNAPSHOT
Reporter: Paul Moore
Assignee: Stefan Guilhen
h4. Use case
JASPI ServerAuthModule authenticates user in web layer (OAuth 2 Bearer token) and stores a "BearerCredential" in the Subject. Authentication works in the Servlet container, but fails at the service tier (EJB) because the credential is not part of the CredentialIdentity.
h4. Root cause
[JBossCallbackHandler|http://anonsvn.jboss.org/repos/picketbox/tags/4.0.20...] manages the mapping of Subject to Identity, but does not use credentials stored in Subject as part of the Identity creation process (PasswordValidationCallback uses callback properties directly).
Authentication at the EJB (service) tier fails because the Credential is not stored in the CredentialIdentity and is therefore unavailable to JBossSecurityContextUtil.getCredential().
h4. Approach
In discussion with asaldhan and sguilhen on IRC (#picketbox), it was agreed that:
# PicketBox source code would be (re)migrated to GitHub - asaldhan
# JASPICallbackHandler would be modified to obtain a Credential from the Subject (if available) during the CallerPrincipalCallback handling - paulkmoore
h4. Note(s)
# There is inherent tension in the mapping between Subject and Identity (SecurityContext) which may require a larger piece of work to resolve (i.e. Subject can have many Principals, many public credentials and many private credentials).
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
12 years, 5 months
[JBoss JIRA] (WFLY-2897) Including Mojarra implementation in WAR file causes `com.sun.faces.config.ConfigurationException`
by Tomaz Cerar (JIRA)
[ https://issues.jboss.org/browse/WFLY-2897?page=com.atlassian.jira.plugin.... ]
Tomaz Cerar commented on WFLY-2897:
-----------------------------------
Can you by any chance try with latest nightly? https://ci.jboss.org/hudson/job/WildFly-latest-master/
> Including Mojarra implementation in WAR file causes `com.sun.faces.config.ConfigurationException`
> -------------------------------------------------------------------------------------------------
>
> Key: WFLY-2897
> URL: https://issues.jboss.org/browse/WFLY-2897
> Project: WildFly
> Issue Type: Feature Request
> Security Level: Public(Everyone can see)
> Components: JSF
> Affects Versions: 8.0.0.CR1
> Reporter: Lincoln Baxter III
> Assignee: Farah Juma
> Attachments: sample.zip
>
>
> This stack trace was taken from EAP6 or JBoss AS7 - but it also occurs on Wildfly.
> If possible, a nicer exception message (warning the user that they have included an implementation of JSF when,) might be useful. But I don't know the exact dynamics behind this interaction, so not sure what is possible here, or what "should" be the right interaction.
> I just know this was a bit hard to track down until randomly tripping on this in the POM and removing it.
> {code}
> 15:15:37,992 SEVERE [javax.enterprise.resource.webcontainer.jsf.config] (ServerService Thread Pool -- 71) Critical error during deployment: : com.sun.faces.config.ConfigurationException: The tag named passThroughAttribute from namespace http://xmlns.jcp.org/jsf/core has a null handler-class defined
> at com.sun.faces.config.processor.FaceletTaglibConfigProcessor.processHandlerClass(FaceletTaglibConfigProcessor.java:415) [jsf-impl-2.1.19-redhat-2.jar:2.1.19-redhat-2]
> at com.sun.faces.config.processor.FaceletTaglibConfigProcessor.processTags(FaceletTaglibConfigProcessor.java:371) [jsf-impl-2.1.19-redhat-2.jar:2.1.19-redhat-2]
> at com.sun.faces.config.processor.FaceletTaglibConfigProcessor.processTagLibrary(FaceletTaglibConfigProcessor.java:314) [jsf-impl-2.1.19-redhat-2.jar:2.1.19-redhat-2]
> at com.sun.faces.config.processor.FaceletTaglibConfigProcessor.process(FaceletTaglibConfigProcessor.java:263) [jsf-impl-2.1.19-redhat-2.jar:2.1.19-redhat-2]
> at com.sun.faces.config.ConfigManager.initialize(ConfigManager.java:363) [jsf-impl-2.1.19-redhat-2.jar:2.1.19-redhat-2]
> at com.sun.faces.config.ConfigureListener.contextInitialized(ConfigureListener.java:216) [jsf-impl-2.1.19-redhat-2.jar:2.1.19-redhat-2]
> at org.apache.catalina.core.StandardContext.contextListenerStart(StandardContext.java:3339) [jbossweb-7.2.2.Final-redhat-1.jar:7.2.2.Final-redhat-1]
> at org.apache.catalina.core.StandardContext.start(StandardContext.java:3777) [jbossweb-7.2.2.Final-redhat-1.jar:7.2.2.Final-redhat-1]
> at org.jboss.as.web.deployment.WebDeploymentService.doStart(WebDeploymentService.java:156) [jboss-as-web-7.3.0.Final-redhat-14.jar:7.3.0.Final-redhat-14]
> at org.jboss.as.web.deployment.WebDeploymentService.access$000(WebDeploymentService.java:60) [jboss-as-web-7.3.0.Final-redhat-14.jar:7.3.0.Final-redhat-14]
> at org.jboss.as.web.deployment.WebDeploymentService$1.run(WebDeploymentService.java:93) [jboss-as-web-7.3.0.Final-redhat-14.jar:7.3.0.Final-redhat-14]
> at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471) [rt.jar:1.7.0_21]
> at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:334) [rt.jar:1.7.0_21]
> at java.util.concurrent.FutureTask.run(FutureTask.java:166) [rt.jar:1.7.0_21]
> at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) [rt.jar:1.7.0_21]
> at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) [rt.jar:1.7.0_21]
> at java.lang.Thread.run(Thread.java:722) [rt.jar:1.7.0_21]
> at org.jboss.threads.JBossThread.run(JBossThread.java:122)
> {code}
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
12 years, 5 months
[JBoss JIRA] (WFLY-2897) Including Mojarra implementation in WAR file causes `com.sun.faces.config.ConfigurationException`
by Tomaz Cerar (JIRA)
[ https://issues.jboss.org/browse/WFLY-2897?page=com.atlassian.jira.plugin.... ]
Tomaz Cerar reassigned WFLY-2897:
---------------------------------
Assignee: Farah Juma (was: Stan Silvert)
> Including Mojarra implementation in WAR file causes `com.sun.faces.config.ConfigurationException`
> -------------------------------------------------------------------------------------------------
>
> Key: WFLY-2897
> URL: https://issues.jboss.org/browse/WFLY-2897
> Project: WildFly
> Issue Type: Feature Request
> Security Level: Public(Everyone can see)
> Components: JSF
> Affects Versions: 8.0.0.CR1
> Reporter: Lincoln Baxter III
> Assignee: Farah Juma
> Attachments: sample.zip
>
>
> This stack trace was taken from EAP6 or JBoss AS7 - but it also occurs on Wildfly.
> If possible, a nicer exception message (warning the user that they have included an implementation of JSF when,) might be useful. But I don't know the exact dynamics behind this interaction, so not sure what is possible here, or what "should" be the right interaction.
> I just know this was a bit hard to track down until randomly tripping on this in the POM and removing it.
> {code}
> 15:15:37,992 SEVERE [javax.enterprise.resource.webcontainer.jsf.config] (ServerService Thread Pool -- 71) Critical error during deployment: : com.sun.faces.config.ConfigurationException: The tag named passThroughAttribute from namespace http://xmlns.jcp.org/jsf/core has a null handler-class defined
> at com.sun.faces.config.processor.FaceletTaglibConfigProcessor.processHandlerClass(FaceletTaglibConfigProcessor.java:415) [jsf-impl-2.1.19-redhat-2.jar:2.1.19-redhat-2]
> at com.sun.faces.config.processor.FaceletTaglibConfigProcessor.processTags(FaceletTaglibConfigProcessor.java:371) [jsf-impl-2.1.19-redhat-2.jar:2.1.19-redhat-2]
> at com.sun.faces.config.processor.FaceletTaglibConfigProcessor.processTagLibrary(FaceletTaglibConfigProcessor.java:314) [jsf-impl-2.1.19-redhat-2.jar:2.1.19-redhat-2]
> at com.sun.faces.config.processor.FaceletTaglibConfigProcessor.process(FaceletTaglibConfigProcessor.java:263) [jsf-impl-2.1.19-redhat-2.jar:2.1.19-redhat-2]
> at com.sun.faces.config.ConfigManager.initialize(ConfigManager.java:363) [jsf-impl-2.1.19-redhat-2.jar:2.1.19-redhat-2]
> at com.sun.faces.config.ConfigureListener.contextInitialized(ConfigureListener.java:216) [jsf-impl-2.1.19-redhat-2.jar:2.1.19-redhat-2]
> at org.apache.catalina.core.StandardContext.contextListenerStart(StandardContext.java:3339) [jbossweb-7.2.2.Final-redhat-1.jar:7.2.2.Final-redhat-1]
> at org.apache.catalina.core.StandardContext.start(StandardContext.java:3777) [jbossweb-7.2.2.Final-redhat-1.jar:7.2.2.Final-redhat-1]
> at org.jboss.as.web.deployment.WebDeploymentService.doStart(WebDeploymentService.java:156) [jboss-as-web-7.3.0.Final-redhat-14.jar:7.3.0.Final-redhat-14]
> at org.jboss.as.web.deployment.WebDeploymentService.access$000(WebDeploymentService.java:60) [jboss-as-web-7.3.0.Final-redhat-14.jar:7.3.0.Final-redhat-14]
> at org.jboss.as.web.deployment.WebDeploymentService$1.run(WebDeploymentService.java:93) [jboss-as-web-7.3.0.Final-redhat-14.jar:7.3.0.Final-redhat-14]
> at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471) [rt.jar:1.7.0_21]
> at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:334) [rt.jar:1.7.0_21]
> at java.util.concurrent.FutureTask.run(FutureTask.java:166) [rt.jar:1.7.0_21]
> at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) [rt.jar:1.7.0_21]
> at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) [rt.jar:1.7.0_21]
> at java.lang.Thread.run(Thread.java:722) [rt.jar:1.7.0_21]
> at org.jboss.threads.JBossThread.run(JBossThread.java:122)
> {code}
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
12 years, 5 months