March 2014 - jboss-jira - Jboss List Archives

[JBoss JIRA] (WFLY-2474) Security subsystem does not handle acl's module properly, and is missing transformer

by RH Bugzilla Integration (JIRA)

[ https://issues.jboss.org/browse/WFLY-2474?page=com.atlassian.jira.plugin.... ] RH Bugzilla Integration commented on WFLY-2474: ----------------------------------------------- Paul Gier <pgier(a)redhat.com> changed the Status of [bug 1029938|https://bugzilla.redhat.com/show_bug.cgi?id=1029938] from MODIFIED to ON_QA > Security subsystem does not handle acl's module properly, and is missing transformer > ------------------------------------------------------------------------------------ > > Key: WFLY-2474 > URL: https://issues.jboss.org/browse/WFLY-2474 > Project: WildFly > Issue Type: Bug > Security Level: Public(Everyone can see) > Components: Domain Management > Affects Versions: 8.0.0.Beta1 > Reporter: Kabir Khan > Assignee: Kabir Khan > Fix For: 8.0.0.CR1 > > > The parsed add is done for /subsystem=security/security-domain=other/acl=classic/acl-module=acl > However in the acl resource this is called login-module=acl. > WHen marshalling > {code} > <acl> > <acl-module name="acl" code="AclThingy" flag="required" module="test"> > <module-option name="d" value="r"/> > </acl-module> > </acl> > {code} > becomes > {code} > <acl> > <login-module name="acl" code="AclThingy" flag="required" module="test"> > <module-option name="d" value="r"/> > </login-module> > </acl> > {code} -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

10 years, 9 months

1
0
0 / 0

[JBoss JIRA] (WFLY-3131) isSensitiveValue of class SensitiveVaultExpressionConstraint uses incorrect index in java.lang.String.substring method

by RH Bugzilla Integration (JIRA)

[ https://issues.jboss.org/browse/WFLY-3131?page=com.atlassian.jira.plugin.... ] RH Bugzilla Integration commented on WFLY-3131: ----------------------------------------------- Paul Gier <pgier(a)redhat.com> changed the Status of [bug 1077838|https://bugzilla.redhat.com/show_bug.cgi?id=1077838] from MODIFIED to ON_QA > isSensitiveValue of class SensitiveVaultExpressionConstraint uses incorrect index in java.lang.String.substring method > ----------------------------------------------------------------------------------------------------------------------- > > Key: WFLY-3131 > URL: https://issues.jboss.org/browse/WFLY-3131 > Project: WildFly > Issue Type: Bug > Security Level: Public(Everyone can see) > Components: Domain Management > Affects Versions: 8.0.0.Final > Environment: All > Reporter: Jay Kumar SenSharma > Assignee: Jay Kumar SenSharma > > The isSensitiveValue(ModelNode value) method of class "org.jboss.as.controller.access.constraint.SensitiveVaultExpressionConstraint" seems to be using the incorrect index in java.lang.String.substring method. Which is causing the following exceptions in the logs while executing the following kind of CLI command: > {code} > [standalone@localhost:9990 /] /subsystem=logging/periodic-rotating-file-handler=FILE:write-attribute(name=formatter, value="%d{HH:mm:ss,SSS} %-5p [%c] (${jboss.node.name} %t) %s%E%n") > { > "outcome" => "failed", > "failure-description" => "JBAS014749: Operation handler failed: String index out of range: -15", > "rolled-back" => true > } > {code} > The Exception can be seen as following in the WildFly Logs: > {code} > 21:58:04,821 ERROR [org.jboss.as.controller.management-operation] (management-handler-thread - 25) JBAS014612: Operation ("write-attribute") failed - address: ([ > ("subsystem" => "logging"), > ("periodic-rotating-file-handler" => "FILE") > ]): java.lang.StringIndexOutOfBoundsException: String index out of range: -15 > at java.lang.String.substring(String.java:1911) [rt.jar:1.7.0_51] > at org.jboss.as.controller.access.constraint.SensitiveVaultExpressionConstraint$Factory.isSensitiveValue(SensitiveVaultExpressionConstraint.java:128) [wildfly-controller-8.0.1.Final-SNAPSHOT.jar:8.0.1.Final-SNAPSHOT] > at org.jboss.as.controller.access.constraint.SensitiveVaultExpressionConstraint$Factory.isSensitiveAction(SensitiveVaultExpressionConstraint.java:89) [wildfly-controller-8.0.1.Final-SNAPSHOT.jar:8.0.1.Final-SNAPSHOT] > at org.jboss.as.controller.access.constraint.SensitiveVaultExpressionConstraint$Factory.getRequiredConstraint(SensitiveVaultExpressionConstraint.java:81) [wildfly-controller-8.0.1.Final-SNAPSHOT.jar:8.0.1.Final-SNAPSHOT] > at org.jboss.as.controller.access.rbac.DefaultPermissionFactory.getRequiredPermissions(DefaultPermissionFactory.java:201) [wildfly-controller-8.0.1.Final-SNAPSHOT.jar:8.0.1.Final-SNAPSHOT] > at org.jboss.as.controller.access.permission.ManagementPermissionAuthorizer.authorize(ManagementPermissionAuthorizer.java:100) [wildfly-controller-8.0.1.Final-SNAPSHOT.jar:8.0.1.Final-SNAPSHOT] > at org.jboss.as.controller.access.management.DelegatingConfigurableAuthorizer.authorize(DelegatingConfigurableAuthorizer.java:98) [wildfly-controller-8.0.1.Final-SNAPSHOT.jar:8.0.1.Final-SNAPSHOT] > at org.jboss.as.controller.OperationContextImpl.getBasicAuthorizationResponse(OperationContextImpl.java:1153) [wildfly-controller-8.0.1.Final-SNAPSHOT.jar:8.0.1.Final-SNAPSHOT] > at org.jboss.as.controller.OperationContextImpl.authorize(OperationContextImpl.java:1055) [wildfly-controller-8.0.1.Final-SNAPSHOT.jar:8.0.1.Final-SNAPSHOT] > at org.jboss.as.controller.OperationContextImpl.authorize(OperationContextImpl.java:1015) [wildfly-controller-8.0.1.Final-SNAPSHOT.jar:8.0.1.Final-SNAPSHOT] > at org.jboss.as.controller.OperationContextImpl.getResourceRegistration(OperationContextImpl.java:265) [wildfly-controller-8.0.1.Final-SNAPSHOT.jar:8.0.1.Final-SNAPSHOT] > at org.jboss.as.controller.operations.global.WriteAttributeHandler.execute(WriteAttributeHandler.java:72) [wildfly-controller-8.0.1.Final-SNAPSHOT.jar:8.0.1.Final-SNAPSHOT] > at org.jboss.as.controller.AbstractOperationContext.executeStep(AbstractOperationContext.java:591) [wildfly-controller-8.0.1.Final-SNAPSHOT.jar:8.0.1.Final-SNAPSHOT] > at org.jboss.as.controller.AbstractOperationContext.doCompleteStep(AbstractOperationContext.java:469) [wildfly-controller-8.0.1.Final-SNAPSHOT.jar:8.0.1.Final-SNAPSHOT] > at org.jboss.as.controller.AbstractOperationContext.completeStepInternal(AbstractOperationContext.java:273) [wildfly-controller-8.0.1.Final-SNAPSHOT.jar:8.0.1.Final-SNAPSHOT] > at org.jboss.as.controller.AbstractOperationContext.executeOperation(AbstractOperationContext.java:268) [wildfly-controller-8.0.1.Final-SNAPSHOT.jar:8.0.1.Final-SNAPSHOT] > at org.jboss.as.controller.ModelControllerImpl.internalExecute(ModelControllerImpl.java:272) [wildfly-controller-8.0.1.Final-SNAPSHOT.jar:8.0.1.Final-SNAPSHOT] > at org.jboss.as.controller.ModelControllerImpl.execute(ModelControllerImpl.java:146) [wildfly-controller-8.0.1.Final-SNAPSHOT.jar:8.0.1.Final-SNAPSHOT] > at org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler.doExecute(ModelControllerClientOperationHandler.java:174) [wildfly-controller-8.0.1.Final-SNAPSHOT.jar:8.0.1.Final-SNAPSHOT] > at org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler.access$300(ModelControllerClientOperationHandler.java:105) [wildfly-controller-8.0.1.Final-SNAPSHOT.jar:8.0.1.Final-SNAPSHOT] > at org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler$1$1.run(ModelControllerClientOperationHandler.java:125) [wildfly-controller-8.0.1.Final-SNAPSHOT.jar:8.0.1.Final-SNAPSHOT] > at org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler$1$1.run(ModelControllerClientOperationHandler.java:121) [wildfly-controller-8.0.1.Final-SNAPSHOT.jar:8.0.1.Final-SNAPSHOT] > at java.security.AccessController.doPrivileged(Native Method) [rt.jar:1.7.0_51] > at javax.security.auth.Subject.doAs(Subject.java:415) [rt.jar:1.7.0_51] > at org.jboss.as.controller.AccessAuditContext.doAs(AccessAuditContext.java:94) [wildfly-controller-8.0.1.Final-SNAPSHOT.jar:8.0.1.Final-SNAPSHOT] > at org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler$1.execute(ModelControllerClientOperationHandler.java:121) [wildfly-controller-8.0.1.Final-SNAPSHOT.jar:8.0.1.Final-SNAPSHOT] > at org.jboss.as.protocol.mgmt.AbstractMessageHandler$2$1.doExecute(AbstractMessageHandler.java:283) [wildfly-protocol-8.0.1.Final-SNAPSHOT.jar:8.0.1.Final-SNAPSHOT] > at org.jboss.as.protocol.mgmt.AbstractMessageHandler$AsyncTaskRunner.run(AbstractMessageHandler.java:504) [wildfly-protocol-8.0.1.Final-SNAPSHOT.jar:8.0.1.Final-SNAPSHOT] > at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) [rt.jar:1.7.0_51] > at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) [rt.jar:1.7.0_51] > at java.lang.Thread.run(Thread.java:744) [rt.jar:1.7.0_51] > at org.jboss.threads.JBossThread.run(JBossThread.java:122) [jboss-threads-2.1.1.Final.jar:2.1.1.Final] > {code} -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

10 years, 9 months

1
0
0 / 0

[JBoss JIRA] (WFLY-2303) mod_cluster XSD is missing property and worker-timeout definitions

by RH Bugzilla Integration (JIRA)

[ https://issues.jboss.org/browse/WFLY-2303?page=com.atlassian.jira.plugin.... ] RH Bugzilla Integration commented on WFLY-2303: ----------------------------------------------- Paul Gier <pgier(a)redhat.com> changed the Status of [bug 1020142|https://bugzilla.redhat.com/show_bug.cgi?id=1020142] from MODIFIED to ON_QA > mod_cluster XSD is missing property and worker-timeout definitions > ------------------------------------------------------------------ > > Key: WFLY-2303 > URL: https://issues.jboss.org/browse/WFLY-2303 > Project: WildFly > Issue Type: Bug > Security Level: Public(Everyone can see) > Components: Clustering > Affects Versions: 8.0.0.Beta1 > Reporter: Radoslav Husar > Assignee: Radoslav Husar > Fix For: 8.0.0.CR1 > > > * worker-timeout > * property > are missing. > Also missing in 7.x -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

10 years, 9 months

1
0
0 / 0

[JBoss JIRA] (WFLY-3130) Add a custom RuntimeException to add-user utility.

by RH Bugzilla Integration (JIRA)

[ https://issues.jboss.org/browse/WFLY-3130?page=com.atlassian.jira.plugin.... ] RH Bugzilla Integration commented on WFLY-3130: ----------------------------------------------- Paul Gier <pgier(a)redhat.com> changed the Status of [bug 1062595|https://bugzilla.redhat.com/show_bug.cgi?id=1062595] from MODIFIED to ON_QA > Add a custom RuntimeException to add-user utility. > -------------------------------------------------- > > Key: WFLY-3130 > URL: https://issues.jboss.org/browse/WFLY-3130 > Project: WildFly > Issue Type: Task > Security Level: Public(Everyone can see) > Components: Domain Management > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Fix For: 8.0.1.Final > > > The add-user utility uses a RuntimeException to indicate failure in non-interactive mode, this does not look good so should switch it to a custom exception of our own. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

10 years, 9 months

1
0
0 / 0

[JBoss JIRA] (WFLY-2408) Add TRACE logging for connection properties used to connect to LDAP from realm.

by RH Bugzilla Integration (JIRA)

[ https://issues.jboss.org/browse/WFLY-2408?page=com.atlassian.jira.plugin.... ] RH Bugzilla Integration commented on WFLY-2408: ----------------------------------------------- Paul Gier <pgier(a)redhat.com> changed the Status of [bug 974324|https://bugzilla.redhat.com/show_bug.cgi?id=974324] from MODIFIED to ON_QA > Add TRACE logging for connection properties used to connect to LDAP from realm. > ------------------------------------------------------------------------------- > > Key: WFLY-2408 > URL: https://issues.jboss.org/browse/WFLY-2408 > Project: WildFly > Issue Type: Sub-task > Security Level: Public(Everyone can see) > Components: Domain Management, Security > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Fix For: 8.0.0.CR1 > > -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

10 years, 9 months

1
0
0 / 0

[JBoss JIRA] (WFLY-352) Add sufficient TRACE / DEBUG logging to debug security realm configurations.

by RH Bugzilla Integration (JIRA)

[ https://issues.jboss.org/browse/WFLY-352?page=com.atlassian.jira.plugin.s... ] RH Bugzilla Integration commented on WFLY-352: ---------------------------------------------- Paul Gier <pgier(a)redhat.com> changed the Status of [bug 974324|https://bugzilla.redhat.com/show_bug.cgi?id=974324] from MODIFIED to ON_QA > Add sufficient TRACE / DEBUG logging to debug security realm configurations. > ---------------------------------------------------------------------------- > > Key: WFLY-352 > URL: https://issues.jboss.org/browse/WFLY-352 > Project: WildFly > Issue Type: Feature Request > Security Level: Public(Everyone can see) > Components: Domain Management > Reporter: Eric Rich > Assignee: Darran Lofthouse > Priority: Critical > Fix For: 8.0.0.Beta1 > > Attachments: jboss-as-domain-management-7.1.2.Final-redhat-1.jar, log_mgmt_auth_calls.txt > > > When trying to diagnose LDAP or Admin Configuration issue in Domain mode there is currently no logging for any of the authentication information. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

10 years, 9 months

1
0
0 / 0

[JBoss JIRA] (WFLY-3125) Update help text for add-user to reflect that password is checked against the configured policy.

by RH Bugzilla Integration (JIRA)

[ https://issues.jboss.org/browse/WFLY-3125?page=com.atlassian.jira.plugin.... ] RH Bugzilla Integration commented on WFLY-3125: ----------------------------------------------- Paul Gier <pgier(a)redhat.com> changed the Status of [bug 1063888|https://bugzilla.redhat.com/show_bug.cgi?id=1063888] from MODIFIED to ON_QA > Update help text for add-user to reflect that password is checked against the configured policy. > ------------------------------------------------------------------------------------------------ > > Key: WFLY-3125 > URL: https://issues.jboss.org/browse/WFLY-3125 > Project: WildFly > Issue Type: Task > Security Level: Public(Everyone can see) > Components: Domain Management > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Fix For: 8.0.1.Final > > -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

10 years, 9 months

1
0
0 / 0

[JBoss JIRA] (WFLY-3133) Misleading error message for add-user username requirements.

by RH Bugzilla Integration (JIRA)

[ https://issues.jboss.org/browse/WFLY-3133?page=com.atlassian.jira.plugin.... ] RH Bugzilla Integration commented on WFLY-3133: ----------------------------------------------- Paul Gier <pgier(a)redhat.com> changed the Status of [bug 1062611|https://bugzilla.redhat.com/show_bug.cgi?id=1062611] from MODIFIED to ON_QA > Misleading error message for add-user username requirements. > ------------------------------------------------------------ > > Key: WFLY-3133 > URL: https://issues.jboss.org/browse/WFLY-3133 > Project: WildFly > Issue Type: Bug > Security Level: Public(Everyone can see) > Components: Domain Management > Affects Versions: 8.0.0.Final > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Fix For: 8.0.1.Final > > > The current error message is: - > {code} > JBAS015239: Only alpha/numeric usernames accepted. > {code} > However a small set of symbols are allowed. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

10 years, 9 months

1
0
0 / 0

[JBoss JIRA] (WFLY-3161) Optimize org.jboss.as.jmx.model.RootResourceIterator

by Brian Stansberry (JIRA)

Brian Stansberry created WFLY-3161: -------------------------------------- Summary: Optimize org.jboss.as.jmx.model.RootResourceIterator Key: WFLY-3161 URL: https://issues.jboss.org/browse/WFLY-3161 Project: WildFly Issue Type: Sub-task Security Level: Public (Everyone can see) Components: Domain Management, JMX Affects Versions: 8.0.0.Final Reporter: Brian Stansberry Assignee: Brian Stansberry Fix For: 9.0.0.CR1 RootResourceIterator is performing an access control check on a resource before confirming that the caller is in any way interested in that resource. This results in spurious access control checks. Fixing this can speed up queryMBeans and queryNames calls. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

10 years, 9 months

1
0
0 / 0

[JBoss JIRA] (JBJCA-1157) Kerberos support

by Jesper Pedersen (JIRA)

Jesper Pedersen created JBJCA-1157: -------------------------------------- Summary: Kerberos support Key: JBJCA-1157 URL: https://issues.jboss.org/browse/JBJCA-1157 Project: IronJacamar Issue Type: Task Components: JDBC Reporter: Jesper Pedersen Assignee: Jesper Pedersen Fix For: 1.0.25.Final, 1.1.5.Final, 1.2.0.Beta1 -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

10 years, 9 months

1
0
0 / 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira March 2014