February 2014 - jboss-jira - Jboss List Archives

[JBoss JIRA] (WFLY-3032) Cannot change application permissions on EAP 6 when the Java Security Manager is enabled

by Ivo Studensky (JIRA)

[ https://issues.jboss.org/browse/WFLY-3032?page=com.atlassian.jira.plugin.... ] Ivo Studensky commented on WFLY-3032: ------------------------------------- There already is a jira for the test case, see JBQA-9274. > Cannot change application permissions on EAP 6 when the Java Security Manager is enabled > ---------------------------------------------------------------------------------------- > > Key: WFLY-3032 > URL: https://issues.jboss.org/browse/WFLY-3032 > Project: WildFly > Issue Type: Bug > Security Level: Public(Everyone can see) > Components: Security Manager > Affects Versions: 8.0.0.Final > Reporter: Ivo Studensky > Assignee: Ivo Studensky > > According to \[1\] a few changes have to be applied to the configuration in order to fix $subject$. > And a test-case is also needed. > [1] https://bugzilla.redhat.com/show_bug.cgi?id=1065994#c1 -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

10 years, 10 months

1
0
0 / 0

[JBoss JIRA] (WFLY-3016) Prevent NullPointerException in JDR CommandLineMain

by RH Bugzilla Integration (JIRA)

[ https://issues.jboss.org/browse/WFLY-3016?page=com.atlassian.jira.plugin.... ] RH Bugzilla Integration commented on WFLY-3016: ----------------------------------------------- Kabir Khan <kkhan(a)redhat.com> changed the Status of [bug 1069850|https://bugzilla.redhat.com/show_bug.cgi?id=1069850] from POST to MODIFIED > Prevent NullPointerException in JDR CommandLineMain > --------------------------------------------------- > > Key: WFLY-3016 > URL: https://issues.jboss.org/browse/WFLY-3016 > Project: WildFly > Issue Type: Bug > Security Level: Public(Everyone can see) > Components: JDR > Affects Versions: 8.0.0.Final > Reporter: Brad Maxwell > Assignee: Brad Maxwell > -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

10 years, 10 months

1
0
0 / 0

[JBoss JIRA] (WFLY-2204) runtime exceptions thrown during parsing crash cli sessions

by RH Bugzilla Integration (JIRA)

[ https://issues.jboss.org/browse/WFLY-2204?page=com.atlassian.jira.plugin.... ] RH Bugzilla Integration commented on WFLY-2204: ----------------------------------------------- Kabir Khan <kkhan(a)redhat.com> changed the Status of [bug 997584|https://bugzilla.redhat.com/show_bug.cgi?id=997584] from POST to MODIFIED > runtime exceptions thrown during parsing crash cli sessions > ----------------------------------------------------------- > > Key: WFLY-2204 > URL: https://issues.jboss.org/browse/WFLY-2204 > Project: WildFly > Issue Type: Bug > Security Level: Public(Everyone can see) > Components: CLI > Affects Versions: 8.0.0.Alpha4 > Reporter: Alexey Loubyansky > Assignee: Alexey Loubyansky > Fix For: 8.0.0.CR1 > > > Runtime exceptions thrown during command line parsing crash CLI sessions. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

10 years, 10 months

1
0
0 / 0

[JBoss JIRA] (WFLY-2051) CLI write attribute dialog for string value should enclose value in generated command to double quotes

by RH Bugzilla Integration (JIRA)

[ https://issues.jboss.org/browse/WFLY-2051?page=com.atlassian.jira.plugin.... ] RH Bugzilla Integration commented on WFLY-2051: ----------------------------------------------- Kabir Khan <kkhan(a)redhat.com> changed the Status of [bug 988283|https://bugzilla.redhat.com/show_bug.cgi?id=988283] from POST to MODIFIED > CLI write attribute dialog for string value should enclose value in generated command to double quotes > ------------------------------------------------------------------------------------------------------ > > Key: WFLY-2051 > URL: https://issues.jboss.org/browse/WFLY-2051 > Project: WildFly > Issue Type: Bug > Security Level: Public(Everyone can see) > Components: CLI > Affects Versions: 8.0.0.Alpha4 > Reporter: Chao Wang > Assignee: Alexey Loubyansky > Fix For: 8.0.0.CR1 > > > {noformat} > Wildfly issue for https://bugzilla.redhat.com/show_bug.cgi?id=988283 > String value entered in write attribute dialog is written to command without double quotes, which is wrong in many cases > Eg. when user enteres in dialog value ${jboss.bind.address:127.0.0.1} > following command is generated: > /subsystem=webservices/:write-attribute(name=wsdl-host,value=${jboss.bind.address:127.0.0.1}) > Correctly should be generated command > /subsystem=webservices/:write-attribute(name=wsdl-host,value="${jboss.bind.address:127.0.0.1}") > 1. start AS > ./bin/standalone.sh > 2. start CLI GUI > ./bin/jboss-cli.sh --gui & > 3. click on node subsystem=webservices of / > 4. right click on wsdl-host and select write-attribute > 5. enter value ${jboss.bind.address:127.0.0.1} and click OK > 6. submit generated command > 7. reload node > click on node subsystem=webservices of / (close node) > click on node subsystem=webservices of / (open node) > Result is wsdl-host=$ instead of wsdl-host=${jboss.bind.address:127.0.0.1} > Workaround: in dialog box enclose the value in double quotes > {noformat} -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

10 years, 10 months

1
0
0 / 0

[JBoss JIRA] (WFLY-1477) JACC HttpServletRequestPolicyContextHandler removal on single application undeploy impacting all other deployed applications

by Tomaz Cerar (JIRA)

[ https://issues.jboss.org/browse/WFLY-1477?page=com.atlassian.jira.plugin.... ] Tomaz Cerar resolved WFLY-1477. ------------------------------- Fix Version/s: 8.0.0.Final Resolution: Done This should be fixed in 8.0.0.Final > JACC HttpServletRequestPolicyContextHandler removal on single application undeploy impacting all other deployed applications > ---------------------------------------------------------------------------------------------------------------------------- > > Key: WFLY-1477 > URL: https://issues.jboss.org/browse/WFLY-1477 > Project: WildFly > Issue Type: Bug > Security Level: Public(Everyone can see) > Components: Web (Undertow) > Affects Versions: 8.0.0.Alpha1 > Environment: CentOS 6.x, JBoss AS 7.1.1.Final > Reporter: Steve S > Assignee: Tomaz Cerar > Labels: domain, jaas, jboss, jbossweb, login, module, security > Fix For: 8.0.0.Final > > > Please see the following forum post for a detailed explanation and findings(and potential workaround): > https://community.jboss.org/message/822054#822054 > If multiple WARs are deployed that depend on a login module leveraging: > HttpServletRequest request = (HttpServletRequest)PolicyContext.getContext("javax.servlet.http.HttpServletRequest"); > then upon undeploy of any web application in the container the HttpServletRequestPolicyContextHandler is removed(deregistered) in the stop() lifecycle method of the JBossWebRealmService, resulting in: > 13:03:35,335 ERROR [org.jboss.security.authentication.JBossCachedAuthenticationManager] (ajp--0.0.0.0-8009-1) Login failure: javax.security.auth.login.LoginException: java.lang.IllegalArgumentException: No PolicyContextHandler for key=javax.servlet.http.HttpServletRequest at javax.security.jacc.PolicyContext.getContext(PolicyContext.java:117) > for any webapps still deployed for every subsequent access to them. > Simply redeploying any ONE of the remaining webapps or the previously undeployed webapp causes this problem to go away for all deployed applications. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

10 years, 10 months

1
0
0 / 0

[JBoss JIRA] (WFLY-3015) JSP EL can be less strict for legacy web.xml xsd usage

by Tomaz Cerar (JIRA)

[ https://issues.jboss.org/browse/WFLY-3015?page=com.atlassian.jira.plugin.... ] Tomaz Cerar closed WFLY-3015. ----------------------------- Fix Version/s: 8.0.1.Final Resolution: Rejected This is by design. In 2.3 web.xml times there was no support for EL in jsps yet. In that sense WildFly works as expected, if you need EL support just update your apps web.xml to newer version. even 2.4 will do. > JSP EL can be less strict for legacy web.xml xsd usage > ------------------------------------------------------ > > Key: WFLY-3015 > URL: https://issues.jboss.org/browse/WFLY-3015 > Project: WildFly > Issue Type: Task > Security Level: Public(Everyone can see) > Components: Web (Undertow) > Affects Versions: 8.0.0.Final > Reporter: Ales Justin > Assignee: Tomaz Cerar > Fix For: 8.0.1.Final > > > This breaks EL usage in UT. > <!DOCTYPE web-app PUBLIC > "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" > "http://java.sun.com/dtd/web-app_2_3.dtd"> -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

10 years, 10 months

1
0
0 / 0

[JBoss JIRA] (WFLY-2993) Core: jboss.sh fails to start with org.picketbox module not found

by Tomaz Cerar (JIRA)

[ https://issues.jboss.org/browse/WFLY-2993?page=com.atlassian.jira.plugin.... ] Tomaz Cerar updated WFLY-2993: ------------------------------ Fix Version/s: 8.0.1.Final (was: 9.0.0.CR1) > Core: jboss.sh fails to start with org.picketbox module not found > ----------------------------------------------------------------- > > Key: WFLY-2993 > URL: https://issues.jboss.org/browse/WFLY-2993 > Project: WildFly > Issue Type: Bug > Security Level: Public(Everyone can see) > Components: CLI > Affects Versions: 8.0.0.Final > Reporter: Jeff Mesnil > Assignee: Tomaz Cerar > Fix For: 8.0.1.Final > > > Note that the issue occurs only when using the WildFly 8 *core distribution*, the regular distribution is fine. > {noformat} > wildfly-core-8.0.0.Final$ ./bin/jboss-cli.sh -c > org.jboss.modules.ModuleNotFoundException: org.picketbox:main > at org.jboss.modules.Module.addPaths(Module.java:1030) > at org.jboss.modules.Module.link(Module.java:1386) > at org.jboss.modules.Module.relinkIfNecessary(Module.java:1414) > at org.jboss.modules.ModuleLoader.loadModule(ModuleLoader.java:242) > at org.jboss.modules.Main.main(Main.java:385) > {noformat} -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

10 years, 10 months

1
0
0 / 0

[JBoss JIRA] (WFLY-3033) Better SSO configuration

by Tin Tvrtkovic (JIRA)

Tin Tvrtkovic created WFLY-3033: ----------------------------------- Summary: Better SSO configuration Key: WFLY-3033 URL: https://issues.jboss.org/browse/WFLY-3033 Project: WildFly Issue Type: Feature Request Security Level: Public (Everyone can see) Components: Web (Undertow) Affects Versions: 8.0.0.Final Reporter: Tin Tvrtkovic Assignee: Stuart Douglas When enabling Undertow SSO in standalone.xml, the only option to tweak is the cookie domain. My life would be made easier by two changes: 1) If the domain is not specified, the SSO cookie should have no domain set. This will make the browser apply the domain from the URL being requested. Currently the cookie domain gets populated with a value from the enclosing XML element. 2) There's no way of setting the cookie path, which makes this less useful for services on different URLs. I propose adding a path attribute to the SSO XML element, which would set the cookie path. For example: <single-sign-on path="/" /> Right now my workaround is to use my reverse proxy (Apache) to edit response headers and modify the cookie, removing the domain and adding the path. If anyone else needs the workaround: Header edit Set-Cookie "^JSESSIONIDSSO=([^; ]+).+" "JSESSIONIDSSO=$1; path=/" -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

10 years, 10 months

1
0
0 / 0

[JBoss JIRA] (WFLY-3032) Cannot change application permissions on EAP 6 when the Java Security Manager is enabled

by RH Bugzilla Integration (JIRA)

[ https://issues.jboss.org/browse/WFLY-3032?page=com.atlassian.jira.plugin.... ] RH Bugzilla Integration updated WFLY-3032: ------------------------------------------ Bugzilla Update: Perform Bugzilla References: https://bugzilla.redhat.com/show_bug.cgi?id=1067620 > Cannot change application permissions on EAP 6 when the Java Security Manager is enabled > ---------------------------------------------------------------------------------------- > > Key: WFLY-3032 > URL: https://issues.jboss.org/browse/WFLY-3032 > Project: WildFly > Issue Type: Bug > Security Level: Public(Everyone can see) > Components: Security Manager > Affects Versions: 8.0.0.Final > Reporter: Ivo Studensky > Assignee: Ivo Studensky > > According to \[1\] a few changes have to be applied to the configuration in order to fix $subject$. > And a test-case is also needed. > [1] https://bugzilla.redhat.com/show_bug.cgi?id=1065994#c1 -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

10 years, 10 months

1
0
0 / 0

[JBoss JIRA] (WFLY-3032) Cannot change application permissions on EAP 6 when the Java Security Manager is enabled

by Ivo Studensky (JIRA)

Ivo Studensky created WFLY-3032: ----------------------------------- Summary: Cannot change application permissions on EAP 6 when the Java Security Manager is enabled Key: WFLY-3032 URL: https://issues.jboss.org/browse/WFLY-3032 Project: WildFly Issue Type: Bug Security Level: Public (Everyone can see) Components: Security Manager Affects Versions: 8.0.0.Final Reporter: Ivo Studensky Assignee: Ivo Studensky According to \[1\] a few changes have to be applied to the configuration in order to fix $subject$. And a test-case is also needed. [1] https://bugzilla.redhat.com/show_bug.cgi?id=1065994#c1 -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

10 years, 10 months

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira February 2014