April 2014 - jboss-jira - Jboss List Archives

[JBoss JIRA] (JBJCA-1161) NPE in SemaphoreArrayListManagedConnectionPool

by RH Bugzilla Integration (JIRA)

[ https://issues.jboss.org/browse/JBJCA-1161?page=com.atlassian.jira.plugin... ] RH Bugzilla Integration commented on JBJCA-1161: ------------------------------------------------ Carlo de Wolf <cdewolf(a)redhat.com> changed the Status of [bug 1088469|https://bugzilla.redhat.com/show_bug.cgi?id=1088469] from POST to MODIFIED > NPE in SemaphoreArrayListManagedConnectionPool > ---------------------------------------------- > > Key: JBJCA-1161 > URL: https://issues.jboss.org/browse/JBJCA-1161 > Project: IronJacamar > Issue Type: Bug > Components: Core > Affects Versions: 1.0.25.Final > Reporter: Jesper Pedersen > Assignee: Jesper Pedersen > Priority: Blocker > Fix For: 1.0.26.Final > > > {noformat} > at org.jboss.jca.core.connectionmanager.pool.mcp.SemaphoreArrayListManagedConnectionPool.doDestroy(SemaphoreArrayListManagedConnectionPool.java:866) > at org.jboss.jca.core.connectionmanager.pool.mcp.SemaphoreArrayListManagedConnectionPool.getConnection(SemaphoreArrayListManagedConnectionPool.java:312) > at org.jboss.jca.core.connectionmanager.pool.AbstractPool.getSimpleConnection(AbstractPool.java:404) > {noformat} -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

10 years, 5 months

1
0
0 / 0

[JBoss JIRA] (SECURITY-815) NegotiationAuthenticator loses post data

by RH Bugzilla Integration (JIRA)

[ https://issues.jboss.org/browse/SECURITY-815?page=com.atlassian.jira.plug... ] RH Bugzilla Integration commented on SECURITY-815: -------------------------------------------------- Carlo de Wolf <cdewolf(a)redhat.com> changed the Status of [bug 1085504|https://bugzilla.redhat.com/show_bug.cgi?id=1085504] from POST to MODIFIED > NegotiationAuthenticator loses post data > ---------------------------------------- > > Key: SECURITY-815 > URL: https://issues.jboss.org/browse/SECURITY-815 > Project: PicketBox > Issue Type: Bug > Security Level: Public(Everyone can see) > Components: Negotiation > Affects Versions: Negotiation_2_2_5 > Reporter: Derek Horton > Assignee: Darran Lofthouse > Fix For: Negotiation_2_2_8, Negotiation_2_3_0_CR2 > > > The NegotiationAuthenticator loses post data. > A customer is attempting to use Negotiation along with PicketLink at the IDP. This works fine as long as the SP is using HTTP-Redirect SAML binding. > If the SP is using HTTP-Redirect, then this issue is avoided as the SAMLRequest is passed along through the redirects on the URL. > If the HTTP-POST binding is used, then the NegotiationAuthenticator will lose the SAMLRequest post parameter. This means that after a user is successfully authenticated, the IDP will not know where to redirect the user to. As a result, the user will be left at the IDP index.html page. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

10 years, 5 months

1
0
0 / 0

[JBoss JIRA] (SECURITY-722) SPNEGO-fallback-to-FORM authentication does not work with httpd+JBossEAP6 if SPNEGO not available

by RH Bugzilla Integration (JIRA)

[ https://issues.jboss.org/browse/SECURITY-722?page=com.atlassian.jira.plug... ] RH Bugzilla Integration commented on SECURITY-722: -------------------------------------------------- Carlo de Wolf <cdewolf(a)redhat.com> changed the Status of [bug 1085505|https://bugzilla.redhat.com/show_bug.cgi?id=1085505] from POST to MODIFIED > SPNEGO-fallback-to-FORM authentication does not work with httpd+JBossEAP6 if SPNEGO not available > ------------------------------------------------------------------------------------------------- > > Key: SECURITY-722 > URL: https://issues.jboss.org/browse/SECURITY-722 > Project: PicketBox > Issue Type: Bug > Security Level: Public(Everyone can see) > Components: Negotiation > Affects Versions: Negotiation_2_2_1 > Environment: RHEL6, JBoss EAP 6 > Reporter: flame liu > Assignee: Derek Horton > Fix For: Negotiation_2_2_8, Negotiation_2_3_0_CR2 > > > I configured SPNEGO in EAP6. It works well both with EAP only and EAP6 + Apache httpd(mod_proxy). Users just run kinit and will be able to be successfully authenticated. > After that, I added the fallback-to-form files/configurations both in the web app and standalone-full.xml. The fallback-to-form works only if httpd stops. If httpd starts, 401 error will always be thrown out. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

10 years, 5 months

1
0
0 / 0

[JBoss JIRA] (SECURITY-803) SecureIdentityLoginModule (and ConfiguredIdentityLoginModule) results are not cached by the JAAS cache

by RH Bugzilla Integration (JIRA)

[ https://issues.jboss.org/browse/SECURITY-803?page=com.atlassian.jira.plug... ] RH Bugzilla Integration commented on SECURITY-803: -------------------------------------------------- Carlo de Wolf <cdewolf(a)redhat.com> changed the Status of [bug 1069886|https://bugzilla.redhat.com/show_bug.cgi?id=1069886] from POST to MODIFIED > SecureIdentityLoginModule (and ConfiguredIdentityLoginModule) results are not cached by the JAAS cache > ------------------------------------------------------------------------------------------------------ > > Key: SECURITY-803 > URL: https://issues.jboss.org/browse/SECURITY-803 > Project: PicketBox > Issue Type: Bug > Security Level: Public(Everyone can see) > Components: PicketBox > Affects Versions: PicketBox_4_0_19.Final > Reporter: Derek Horton > Assignee: Stefan Guilhen > Attachments: SECURITY-803.patch > > > In EAP 6, when using the SecureIdentityLoginModule to encrypt datasource passwords, the results are not cached by the JAAS cache. In EAP 5, the results are cached. This can lead to a performance issue. > The root cause appears to be that the EAP 6 JAAS cache does not allow for a JAAS cache key to be null. > The issue only occurs when the application that uses the datasource is not secured. In this situation, the principal is null when isValid() and updateCache() are called. When the application is secured, the results are cached. I think it is working because the result of the SecureIdentityLoginModule are cached using the authenticated user's principal as the cache key. > Workaround: > Use vault for encrypting the database password. This does not use a JAAS login module so the JAAS cache and login module are completely avoided. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

10 years, 5 months

1
0
0 / 0

[JBoss JIRA] (WFLY-1197) Port the legacy jmx-console to AS7

by Joe Nelson (JIRA)

[ https://issues.jboss.org/browse/WFLY-1197?page=com.atlassian.jira.plugin.... ] Joe Nelson commented on WFLY-1197: ---------------------------------- I'm getting a similar error to Cory. Has this been addressed? > Port the legacy jmx-console to AS7 > ---------------------------------- > > Key: WFLY-1197 > URL: https://issues.jboss.org/browse/WFLY-1197 > Project: WildFly > Issue Type: Feature Request > Security Level: Public(Everyone can see) > Components: JMX > Reporter: Dimitris Andreadis > Assignee: Darran Lofthouse > Labels: JMX, as7, jmx-console, management_security,, management_sso > Attachments: jmx-console.war, jmx-console.war > > > I've seen a few people asking for a port of the old jmx-console to AS7, for monitoring purposes, until equivalent functionality is available through the new GWT-based console. > I've ported the old console in this branch: > https://github.com/dandreadis/jboss-as/commits/jmx-console > It only includes a new top-level directory 'jmx-console'. The directory is not build by default, and when you build it manually it does not alter the server configuration in any way, you need to manually copy the resulting target/jboss-as-jmx-console-VERSION.war to the server deployment directory (and rename it to jmx-console.war) > If there is interest, it could be included in the AS7 distro in some top level 'legacy' directory so it is not deployed by default? > The resulting .war is attached on this JIRA, in case someone wants to use it. It work just as well on AS 7.0.2 and the latest AS 7.1.x development branch. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

10 years, 5 months

1
0
0 / 0

[JBoss JIRA] (DROOLS-72) Potential memory leak in StatelessKnowledgeSessionImpl#execute when fireAllRules throwing RuntimeException

by RH Bugzilla Integration (JIRA)

[ https://issues.jboss.org/browse/DROOLS-72?page=com.atlassian.jira.plugin.... ] RH Bugzilla Integration commented on DROOLS-72: ----------------------------------------------- nwallace <nwallace(a)redhat.com> changed the Status of [bug 1036126|https://bugzilla.redhat.com/show_bug.cgi?id=1036126] from ASSIGNED to MODIFIED > Potential memory leak in StatelessKnowledgeSessionImpl#execute when fireAllRules throwing RuntimeException > ---------------------------------------------------------------------------------------------------------- > > Key: DROOLS-72 > URL: https://issues.jboss.org/browse/DROOLS-72 > Project: Drools > Issue Type: Bug > Security Level: Public(Everyone can see) > Affects Versions: 5.5.0.Final > Reporter: Trung Nguyen > Assignee: Mario Fusco > Fix For: 5.5.1.Final, 6.0.0.Alpha9 > > > when {{ksession.fireAllRules()}} throws RuntimeException, it cause {{ksession}} never gets released. > {code:lang=java} > public void execute(Object object) { > StatefulKnowledgeSession ksession = newWorkingMemory(); > ksession.insert( object ); > ksession.fireAllRules( ); > ksession.dispose(); > } > public void execute(Iterable objects) { > StatefulKnowledgeSession ksession = newWorkingMemory(); > for ( Object object : objects ) { > ksession.insert( object ); > } > ksession.fireAllRules( ); > ksession.dispose(); > } > {code} -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

10 years, 5 months

1
0
0 / 0

[JBoss JIRA] (DROOLS-195) Rule Engine Crashes when used Slide Window constraints and kAgent is configured as incremental processing

by RH Bugzilla Integration (JIRA)

[ https://issues.jboss.org/browse/DROOLS-195?page=com.atlassian.jira.plugin... ] RH Bugzilla Integration commented on DROOLS-195: ------------------------------------------------ nwallace <nwallace(a)redhat.com> changed the Status of [bug 1031099|https://bugzilla.redhat.com/show_bug.cgi?id=1031099] from ASSIGNED to MODIFIED > Rule Engine Crashes when used Slide Window constraints and kAgent is configured as incremental processing > --------------------------------------------------------------------------------------------------------- > > Key: DROOLS-195 > URL: https://issues.jboss.org/browse/DROOLS-195 > Project: Drools > Issue Type: Bug > Security Level: Public(Everyone can see) > Reporter: Alessandro Lazarotti > Assignee: Mario Fusco > Attachments: LoopTest.java > > > When there is a Slide Window constraint and the kbase is configured to receive incremental changes from the kagent (drools.agent.newInstance as false) - the engine crashes > Attached unit test > Version: 5.3.0 -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

10 years, 5 months

1
0
0 / 0

[JBoss JIRA] (SECURITY-127) SPNEGO Across Cluster

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/SECURITY-127?page=com.atlassian.jira.plug... ] Darran Lofthouse updated SECURITY-127: -------------------------------------- Fix Version/s: Negotiation_2_1_7 (was: Negotiation_2_1_6) > SPNEGO Across Cluster > --------------------- > > Key: SECURITY-127 > URL: https://issues.jboss.org/browse/SECURITY-127 > Project: PicketBox > Issue Type: Task > Security Level: Public(Everyone can see) > Components: Negotiation > Reporter: Darran Lofthouse > Fix For: Negotiation_2_1_7 > > > Use a distributed cache or re-authenticate at each node? -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

10 years, 5 months

1
0
0 / 0

[JBoss JIRA] (SECURITY-128) Same user calling multiple web applications

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/SECURITY-128?page=com.atlassian.jira.plug... ] Darran Lofthouse updated SECURITY-128: -------------------------------------- Fix Version/s: Negotiation_2_1_7 (was: Negotiation_2_1_6) > Same user calling multiple web applications > ------------------------------------------- > > Key: SECURITY-128 > URL: https://issues.jboss.org/browse/SECURITY-128 > Project: PicketBox > Issue Type: Task > Security Level: Public(Everyone can see) > Components: Negotiation > Reporter: Darran Lofthouse > Fix For: Negotiation_2_1_7 > > > The same user may be authenticated multiple times. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

10 years, 5 months

1
0
0 / 0

[JBoss JIRA] (SECURITY-131) WS-Kerberos

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/SECURITY-131?page=com.atlassian.jira.plug... ] Darran Lofthouse updated SECURITY-131: -------------------------------------- Fix Version/s: Negotiation_2_1_7 (was: Negotiation_2_1_6) > WS-Kerberos > ----------- > > Key: SECURITY-131 > URL: https://issues.jboss.org/browse/SECURITY-131 > Project: PicketBox > Issue Type: Task > Security Level: Public(Everyone can see) > Components: Negotiation > Reporter: Darran Lofthouse > Fix For: Negotiation_2_1_7 > > > Both incomming and outbound. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

10 years, 5 months

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira April 2014