May 2014 - jboss-jira - Jboss List Archives

[JBoss JIRA] (JBJCA-1161) NPE in SemaphoreArrayListManagedConnectionPool

by RH Bugzilla Integration (JIRA)

[ https://issues.jboss.org/browse/JBJCA-1161?page=com.atlassian.jira.plugin... ] RH Bugzilla Integration commented on JBJCA-1161: ------------------------------------------------ Vaclav Tunka <vtunka(a)redhat.com> changed the Status of [bug 1088469|https://bugzilla.redhat.com/show_bug.cgi?id=1088469] from MODIFIED to ON_QA > NPE in SemaphoreArrayListManagedConnectionPool > ---------------------------------------------- > > Key: JBJCA-1161 > URL: https://issues.jboss.org/browse/JBJCA-1161 > Project: IronJacamar > Issue Type: Bug > Components: Core > Affects Versions: 1.0.25.Final > Reporter: Jesper Pedersen > Assignee: Jesper Pedersen > Priority: Blocker > Fix For: 1.0.26.Final > > > {noformat} > at org.jboss.jca.core.connectionmanager.pool.mcp.SemaphoreArrayListManagedConnectionPool.doDestroy(SemaphoreArrayListManagedConnectionPool.java:866) > at org.jboss.jca.core.connectionmanager.pool.mcp.SemaphoreArrayListManagedConnectionPool.getConnection(SemaphoreArrayListManagedConnectionPool.java:312) > at org.jboss.jca.core.connectionmanager.pool.AbstractPool.getSimpleConnection(AbstractPool.java:404) > {noformat} -- This message was sent by Atlassian JIRA (v6.2.3#6260)

10 years, 10 months

1
0
0 / 0

[JBoss JIRA] (WFLY-2949) Cannot get exception as pass-by-reference

by RH Bugzilla Integration (JIRA)

[ https://issues.jboss.org/browse/WFLY-2949?page=com.atlassian.jira.plugin.... ] RH Bugzilla Integration commented on WFLY-2949: ----------------------------------------------- Vaclav Tunka <vtunka(a)redhat.com> changed the Status of [bug 1082880|https://bugzilla.redhat.com/show_bug.cgi?id=1082880] from MODIFIED to ON_QA > Cannot get exception as pass-by-reference > ----------------------------------------- > > Key: WFLY-2949 > URL: https://issues.jboss.org/browse/WFLY-2949 > Project: WildFly > Issue Type: Bug > Security Level: Public(Everyone can see) > Components: EJB > Affects Versions: 8.0.0.Final > Reporter: Osamu Nagano > Assignee: David Lloyd > Fix For: 8.1.0.CR1 > > > Despite of {{<in-vm-remote-interface-invocation pass-by-value="false"/>}}, an exception is not thrown by reference, which results in {{java.io.NotSerializableException}} if the exception doesn't implement {{Serializable}}. This is a blocker of a large migration project from WebLogic because it throws by reference even if that doesn't implement {{Serializable}}. -- This message was sent by Atlassian JIRA (v6.2.3#6260)

10 years, 10 months

1
0
0 / 0

[JBoss JIRA] (WFLY-2920) StackOverflowError when org.jboss.as.jacorb.rmi.InterfaceAnalysis is analyzing javax.ejb.EJBObject

by RH Bugzilla Integration (JIRA)

[ https://issues.jboss.org/browse/WFLY-2920?page=com.atlassian.jira.plugin.... ] RH Bugzilla Integration commented on WFLY-2920: ----------------------------------------------- Vaclav Tunka <vtunka(a)redhat.com> changed the Status of [bug 1072747|https://bugzilla.redhat.com/show_bug.cgi?id=1072747] from MODIFIED to ON_QA > StackOverflowError when org.jboss.as.jacorb.rmi.InterfaceAnalysis is analyzing javax.ejb.EJBObject > -------------------------------------------------------------------------------------------------- > > Key: WFLY-2920 > URL: https://issues.jboss.org/browse/WFLY-2920 > Project: WildFly > Issue Type: Bug > Security Level: Public(Everyone can see) > Components: IIOP > Affects Versions: 8.0.0.Final > Reporter: Osamu Nagano > Assignee: Stuart Douglas > Fix For: 8.1.0.CR1 > > Attachments: td.dump > > > Depending on when a thread context switch happens, an IIOP enabled EJB fails to be deployed by throwing {{java.lang.StackOverflowError}}. Here is the stack trace from the attached thread dump. > {code} > "MSC service thread 1-7" prio=10 tid=0x00007f52e8001800 nid=0x4d12 at breakpoint[0x00007f534093f000] > java.lang.Thread.State: RUNNABLE > at org.jboss.as.jacorb.rmi.WorkCacheManager.getAnalysis(WorkCacheManager.java:105) > at org.jboss.as.jacorb.rmi.InterfaceAnalysis.getInterfaceAnalysis(InterfaceAnalysis.java:53) > at org.jboss.as.jacorb.rmi.Util.getTypeIDLName(Util.java:104) > at org.jboss.as.jacorb.rmi.ParameterAnalysis.<init>(ParameterAnalysis.java:50) > at org.jboss.as.jacorb.rmi.OperationAnalysis.<init>(OperationAnalysis.java:91) > at org.jboss.as.jacorb.rmi.InterfaceAnalysis.analyzeOperations(InterfaceAnalysis.java:116) > at org.jboss.as.jacorb.rmi.ContainerAnalysis.doAnalyze(ContainerAnalysis.java:186) > at org.jboss.as.jacorb.rmi.InterfaceAnalysis.doAnalyze(InterfaceAnalysis.java:62) > at sun.reflect.GeneratedMethodAccessor3.invoke(Unknown Source) > at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > at java.lang.reflect.Method.invoke(Method.java:606) > at org.jboss.as.jacorb.rmi.WorkCacheManager.doTheWork(WorkCacheManager.java:177) > at org.jboss.as.jacorb.rmi.WorkCacheManager.getAnalysis(WorkCacheManager.java:105) > at org.jboss.as.jacorb.rmi.InterfaceAnalysis.getInterfaceAnalysis(InterfaceAnalysis.java:53) > at org.jboss.as.jacorb.rmi.Util.getTypeIDLName(Util.java:104) > at org.jboss.as.jacorb.rmi.ParameterAnalysis.<init>(ParameterAnalysis.java:50) > at org.jboss.as.jacorb.rmi.OperationAnalysis.<init>(OperationAnalysis.java:91) > at org.jboss.as.jacorb.rmi.InterfaceAnalysis.analyzeOperations(InterfaceAnalysis.java:116) > at org.jboss.as.jacorb.rmi.ContainerAnalysis.doAnalyze(ContainerAnalysis.java:186) > at org.jboss.as.jacorb.rmi.InterfaceAnalysis.doAnalyze(InterfaceAnalysis.java:62) > at sun.reflect.GeneratedMethodAccessor3.invoke(Unknown Source) > at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > at java.lang.reflect.Method.invoke(Method.java:606) > ... > at org.jboss.as.jacorb.rmi.WorkCacheManager.doTheWork(WorkCacheManager.java:177) > at org.jboss.as.jacorb.rmi.WorkCacheManager.getAnalysis(WorkCacheManager.java:105) > at org.jboss.as.jacorb.rmi.InterfaceAnalysis.getInterfaceAnalysis(InterfaceAnalysis.java:53) > at org.jboss.as.jacorb.rmi.Util.getTypeIDLName(Util.java:104) > at org.jboss.as.jacorb.rmi.ParameterAnalysis.<init>(ParameterAnalysis.java:50) > Locked ownable synchronizers: > - <0x00000000f9698790> (a java.util.concurrent.ThreadPoolExecutor$Worker) > {code} > The last part including {{Util.getTypeIDLName}} has been repeated as many as possible and the bottom of the stack has been lost. The same stack has been appeared in a different MSC service thread which is also executing an IIOP enabled EJB deployment. > The customer identified an improper synchronization in {{org.jboss.as.jacorb.rmi.WorkCacheManager#getAnalysis()}}. It is reproducible by manually controlling a thread context switch using a debugger. -- This message was sent by Atlassian JIRA (v6.2.3#6260)

10 years, 10 months

1
0
0 / 0

[JBoss JIRA] (WFLY-3161) Optimize org.jboss.as.jmx.model.RootResourceIterator

by RH Bugzilla Integration (JIRA)

[ https://issues.jboss.org/browse/WFLY-3161?page=com.atlassian.jira.plugin.... ] RH Bugzilla Integration commented on WFLY-3161: ----------------------------------------------- Vaclav Tunka <vtunka(a)redhat.com> changed the Status of [bug 1089616|https://bugzilla.redhat.com/show_bug.cgi?id=1089616] from MODIFIED to ON_QA > Optimize org.jboss.as.jmx.model.RootResourceIterator > ---------------------------------------------------- > > Key: WFLY-3161 > URL: https://issues.jboss.org/browse/WFLY-3161 > Project: WildFly > Issue Type: Sub-task > Security Level: Public(Everyone can see) > Components: Domain Management, JMX > Affects Versions: 8.0.0.Final > Reporter: Brian Stansberry > Assignee: Brian Stansberry > Fix For: 8.1.0.CR1 > > > RootResourceIterator is performing an access control check on a resource before confirming that the caller is in any way interested in that resource. This results in spurious access control checks. Fixing this can speed up queryMBeans and queryNames calls. -- This message was sent by Atlassian JIRA (v6.2.3#6260)

10 years, 10 months

1
0
0 / 0

[JBoss JIRA] (SECURITY-803) SecureIdentityLoginModule (and ConfiguredIdentityLoginModule) results are not cached by the JAAS cache

by RH Bugzilla Integration (JIRA)

[ https://issues.jboss.org/browse/SECURITY-803?page=com.atlassian.jira.plug... ] RH Bugzilla Integration commented on SECURITY-803: -------------------------------------------------- Vaclav Tunka <vtunka(a)redhat.com> changed the Status of [bug 1069886|https://bugzilla.redhat.com/show_bug.cgi?id=1069886] from MODIFIED to ON_QA > SecureIdentityLoginModule (and ConfiguredIdentityLoginModule) results are not cached by the JAAS cache > ------------------------------------------------------------------------------------------------------ > > Key: SECURITY-803 > URL: https://issues.jboss.org/browse/SECURITY-803 > Project: PicketBox > Issue Type: Bug > Security Level: Public(Everyone can see) > Components: PicketBox > Affects Versions: PicketBox_4_0_19.Final > Reporter: Derek Horton > Assignee: Stefan Guilhen > Attachments: SECURITY-803.patch > > > In EAP 6, when using the SecureIdentityLoginModule to encrypt datasource passwords, the results are not cached by the JAAS cache. In EAP 5, the results are cached. This can lead to a performance issue. > The root cause appears to be that the EAP 6 JAAS cache does not allow for a JAAS cache key to be null. > The issue only occurs when the application that uses the datasource is not secured. In this situation, the principal is null when isValid() and updateCache() are called. When the application is secured, the results are cached. I think it is working because the result of the SecureIdentityLoginModule are cached using the authenticated user's principal as the cache key. > Workaround: > Use vault for encrypting the database password. This does not use a JAAS login module so the JAAS cache and login module are completely avoided. -- This message was sent by Atlassian JIRA (v6.2.3#6260)

10 years, 10 months

1
0
0 / 0

[JBoss JIRA] (SECURITY-815) NegotiationAuthenticator loses post data

by RH Bugzilla Integration (JIRA)

[ https://issues.jboss.org/browse/SECURITY-815?page=com.atlassian.jira.plug... ] RH Bugzilla Integration commented on SECURITY-815: -------------------------------------------------- Vaclav Tunka <vtunka(a)redhat.com> changed the Status of [bug 1085504|https://bugzilla.redhat.com/show_bug.cgi?id=1085504] from MODIFIED to ON_QA > NegotiationAuthenticator loses post data > ---------------------------------------- > > Key: SECURITY-815 > URL: https://issues.jboss.org/browse/SECURITY-815 > Project: PicketBox > Issue Type: Bug > Security Level: Public(Everyone can see) > Components: Negotiation > Affects Versions: Negotiation_2_2_5 > Reporter: Derek Horton > Assignee: Darran Lofthouse > Fix For: Negotiation_2_2_8, Negotiation_2_3_0_CR2 > > > The NegotiationAuthenticator loses post data. > A customer is attempting to use Negotiation along with PicketLink at the IDP. This works fine as long as the SP is using HTTP-Redirect SAML binding. > If the SP is using HTTP-Redirect, then this issue is avoided as the SAMLRequest is passed along through the redirects on the URL. > If the HTTP-POST binding is used, then the NegotiationAuthenticator will lose the SAMLRequest post parameter. This means that after a user is successfully authenticated, the IDP will not know where to redirect the user to. As a result, the user will be left at the IDP index.html page. -- This message was sent by Atlassian JIRA (v6.2.3#6260)

10 years, 10 months

1
0
0 / 0

[JBoss JIRA] (SECURITY-640) Jboss Negotiation fallback to login page if NTLM token is received or the user is not present in active directory.

by RH Bugzilla Integration (JIRA)

[ https://issues.jboss.org/browse/SECURITY-640?page=com.atlassian.jira.plug... ] RH Bugzilla Integration commented on SECURITY-640: -------------------------------------------------- Vaclav Tunka <vtunka(a)redhat.com> changed the Status of [bug 1085503|https://bugzilla.redhat.com/show_bug.cgi?id=1085503] from MODIFIED to ON_QA > Jboss Negotiation fallback to login page if NTLM token is received or the user is not present in active directory. > ------------------------------------------------------------------------------------------------------------------ > > Key: SECURITY-640 > URL: https://issues.jboss.org/browse/SECURITY-640 > Project: PicketBox > Issue Type: Bug > Security Level: Public(Everyone can see) > Components: Negotiation > Environment: Active Directory Winwos 2003, Client Machine windows XP, Jboss Server Machine Window XP and Jboss 6.1 > Reporter: Hrishi Salvi > Assignee: Derek Horton > Fix For: Negotiation_2_2_8, Negotiation_2_3_0_CR2 > > > We are trying to configure the single sign on using jboss negotiation. > We are able to login successfully if the user is present in active directory. > But in case if user is not present in active directory users, it throw 401 error page. > Instead of 401 we want user to access login form and authenticate user using different login module. > In our case we have login page we authenticate user on that page. > If we receive user credentials we login the user without asking for password. > Now if the user credentials are not received then we want user to open login form present > on login page, but before that is throws 401 error. > We have configure the login-config.xml, web.xml and jboss-web.xml as per the documentation. > Also defined > <web-resource-collection> > <web-resource-name>Restricted</web-resource-name> > <url-pattern>/Request</url-pattern> > <http-method>GET</http-method> > <http-method>POST</http-method> > </web-resource-collection> > in web.xml > Our application is access through Request servlet. -- This message was sent by Atlassian JIRA (v6.2.3#6260)

10 years, 10 months

1
0
0 / 0

[JBoss JIRA] (WFLY-3099) management authorization throws an exception when an LDAP group contains a slash/backslash character

by RH Bugzilla Integration (JIRA)

[ https://issues.jboss.org/browse/WFLY-3099?page=com.atlassian.jira.plugin.... ] RH Bugzilla Integration commented on WFLY-3099: ----------------------------------------------- Vaclav Tunka <vtunka(a)redhat.com> changed the Status of [bug 1075082|https://bugzilla.redhat.com/show_bug.cgi?id=1075082] from MODIFIED to ON_QA > management authorization throws an exception when an LDAP group contains a slash/backslash character > ---------------------------------------------------------------------------------------------------- > > Key: WFLY-3099 > URL: https://issues.jboss.org/browse/WFLY-3099 > Project: WildFly > Issue Type: Bug > Security Level: Public(Everyone can see) > Components: Domain Management > Affects Versions: 8.0.0.Final > Reporter: Tom Fonteyne > Assignee: Tom Fonteyne > Fix For: 8.1.0.CR1 > > > management authorization throws an exception when an LDAP group contains a slash/backslash character -- This message was sent by Atlassian JIRA (v6.2.3#6260)

10 years, 10 months

1
0
0 / 0

[JBoss JIRA] (WFLY-3069) slaves cannot reconnect to a restarted master if RBAC is enabled

by RH Bugzilla Integration (JIRA)

[ https://issues.jboss.org/browse/WFLY-3069?page=com.atlassian.jira.plugin.... ] RH Bugzilla Integration commented on WFLY-3069: ----------------------------------------------- Vaclav Tunka <vtunka(a)redhat.com> changed the Status of [bug 1072949|https://bugzilla.redhat.com/show_bug.cgi?id=1072949] from MODIFIED to ON_QA > slaves cannot reconnect to a restarted master if RBAC is enabled > ---------------------------------------------------------------- > > Key: WFLY-3069 > URL: https://issues.jboss.org/browse/WFLY-3069 > Project: WildFly > Issue Type: Bug > Security Level: Public(Everyone can see) > Components: Domain Management > Affects Versions: 8.0.0.Final > Reporter: Tom Fonteyne > Assignee: Emanuel Muckenhuber > Priority: Critical > Fix For: 8.1.0.CR1 > > > Enable RBAC in an Wilfly domain setup. "reload --host=master" and the slaves will no longer be connected to the master -- This message was sent by Atlassian JIRA (v6.2.3#6260)

10 years, 10 months

1
0
0 / 0

[JBoss JIRA] (WFLY-3067) Webservices DUP is not scanning all visible classes for @WebService annotation

by RH Bugzilla Integration (JIRA)

[ https://issues.jboss.org/browse/WFLY-3067?page=com.atlassian.jira.plugin.... ] RH Bugzilla Integration commented on WFLY-3067: ----------------------------------------------- Vaclav Tunka <vtunka(a)redhat.com> changed the Status of [bug 1079085|https://bugzilla.redhat.com/show_bug.cgi?id=1079085] from MODIFIED to ON_QA > Webservices DUP is not scanning all visible classes for @WebService annotation > ------------------------------------------------------------------------------ > > Key: WFLY-3067 > URL: https://issues.jboss.org/browse/WFLY-3067 > Project: WildFly > Issue Type: Bug > Security Level: Public(Everyone can see) > Components: Web Services > Affects Versions: 8.0.0.Final > Reporter: Kyle Lape > Assignee: Jim Ma > Fix For: 8.1.0.CR1 > > > Sample use case: You have a .war in an .ear, and the .war has a web.xml with a {{<servlet-class>}} that refers to a JAX-WS endpoint, so the class is annotated with {{@WebService}}. If that class is packaged in a jar found in the ear's lib directory, the JBossWS DUP won't pick it up, and then Undertow will throw an error like this: > {noformat} > UT010009: Servlet ClientEndpoint of type class com.redhat.gss.jaxws.ClientEndpoint does not implement javax.servlet.Servlet > {noformat} -- This message was sent by Atlassian JIRA (v6.2.3#6260)

10 years, 10 months

1
0
0 / 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira May 2014