[JBoss JIRA] (WFCORE-29) IllegalStateException when patching MBeans are queried during shutdown
by RH Bugzilla Integration (JIRA)
[ https://issues.jboss.org/browse/WFCORE-29?page=com.atlassian.jira.plugin.... ]
RH Bugzilla Integration commented on WFCORE-29:
-----------------------------------------------
Paul Gier <pgier(a)redhat.com> changed the Status of [bug 1110117|https://bugzilla.redhat.com/show_bug.cgi?id=1110117] from MODIFIED to ON_QA
> IllegalStateException when patching MBeans are queried during shutdown
> ----------------------------------------------------------------------
>
> Key: WFCORE-29
> URL: https://issues.jboss.org/browse/WFCORE-29
> Project: WildFly Core
> Issue Type: Bug
> Components: Domain Management, Patching
> Reporter: James Livingston
> Assignee: Emanuel Muckenhuber
> Attachments: shutdownmbeanquery.jar
>
>
> If the MBeans for the patching subsystem are queried during server shutdown, it can result in an IllegalStateException. InstallationManagerService has already had stop() called on it, so the value is null.
> This can be reproduced by the attached EJB, which does a MBeanServer.queryMBeans(null, null); from the @PreDestroy method. It's in a loop to ensure it runs after the installation manager gets de-initialised.
> java.lang.IllegalStateException
> at org.jboss.as.patching.installation.InstallationManagerService.getValue(InstallationManagerService.java:87) [wildfly-patching-8.1.0.Final.jar:8.1.0.Final]
> at org.jboss.as.patching.installation.InstallationManagerService.getValue(InstallationManagerService.java:28) [wildfly-patching-8.1.0.Final.jar:8.1.0.Final]
> at org.jboss.msc.service.ServiceControllerImpl.getValue(ServiceControllerImpl.java:1158) [jboss-msc-1.2.2.Final.jar:1.2.2.Final]
> at org.jboss.as.patching.management.PatchResource$ElementProviderResourceProvider.children(PatchResource.java:139) [wildfly-patching-8.1.0.Final.jar:8.1.0.Final]
> at org.jboss.as.patching.management.PatchResource$ElementProviderResourceProvider.hasChildren(PatchResource.java:134) [wildfly-patching-8.1.0.Final.jar:8.1.0.Final]
> at org.jboss.as.controller.registry.AbstractModelResource.hasChildren(AbstractModelResource.java:81) [wildfly-controller-8.1.0.Final.jar:8.1.0.Final]
> at org.jboss.as.controller.registry.AbstractModelResource$DelegateResource.hasChildren(AbstractModelResource.java:279) [wildfly-controller-8.1.0.Final.jar:8.1.0.Final]
> at org.jboss.as.jmx.model.RootResourceIterator.doIterate(RootResourceIterator.java:57) [wildfly-jmx-8.1.0.Final.jar:8.1.0.Final]
> at org.jboss.as.jmx.model.RootResourceIterator.doIterate(RootResourceIterator.java:61) [wildfly-jmx-8.1.0.Final.jar:8.1.0.Final]
> at org.jboss.as.jmx.model.RootResourceIterator.iterate(RootResourceIterator.java:43) [wildfly-jmx-8.1.0.Final.jar:8.1.0.Final]
> at org.jboss.as.jmx.model.ModelControllerMBeanHelper.queryMBeans(ModelControllerMBeanHelper.java:125) [wildfly-jmx-8.1.0.Final.jar:8.1.0.Final]
> at org.jboss.as.jmx.model.ModelControllerMBeanServerPlugin.queryMBeans(ModelControllerMBeanServerPlugin.java:159) [wildfly-jmx-8.1.0.Final.jar:8.1.0.Final]
> at org.jboss.as.jmx.PluggableMBeanServerImpl.queryMBeans(PluggableMBeanServerImpl.java:816) [wildfly-jmx-8.1.0.Final.jar:8.1.0.Final]
> at example.ShutdownMBeanQuery.destroy(ShutdownMBeanQuery.java:23)
--
This message was sent by Atlassian JIRA
(v6.3.1#6329)
10 years
[JBoss JIRA] (WFLY-2358) setting <jacc-star-role-allow> in jboss-web.xml does not set allRolesMode to "authOnly"
by RH Bugzilla Integration (JIRA)
[ https://issues.jboss.org/browse/WFLY-2358?page=com.atlassian.jira.plugin.... ]
RH Bugzilla Integration commented on WFLY-2358:
-----------------------------------------------
Paul Gier <pgier(a)redhat.com> changed the Status of [bug 1022240|https://bugzilla.redhat.com/show_bug.cgi?id=1022240] from MODIFIED to ON_QA
> setting <jacc-star-role-allow> in jboss-web.xml does not set allRolesMode to "authOnly"
> ----------------------------------------------------------------------------------------
>
> Key: WFLY-2358
> URL: https://issues.jboss.org/browse/WFLY-2358
> Project: WildFly
> Issue Type: Bug
> Components: Web (JBoss Web)
> Affects Versions: 8.0.0.Beta1
> Reporter: Derek Horton
> Assignee: Remy Maucherat
>
> I am trying to get only authentication (no authorization) to work for web application.
> In EAP 5, all that was required was to set the <role-name> to a '*' in
> the <security-constraint> of the web.xml. I tried this in EAP 6,
> however, it did not work.
> I then found the <jacc-star-role-allow> setting that goes in the
> jboss-web.xml. Unfortunately, adding this option did not cause the
> wildcard ('*') role-name to work for allowing any authenticated user
> to access the web application.
> Using the following system property does appear to work:
> org.apache.catalina.realm.RealmBase.ALL_ROLES_MODE=authOnly
> How reproducible:
> Everytime.
> Steps to Reproduce:
> 1. Set <role-name>*</role-name> in the security-contraint
> 2. Set <jacc-star-role-allow>true</jacc-star-role-allow> in jboss-web.xml
> 3. Set the security-domain so that no roles are assigned to a user
> 4. Attempt to access the web app
> Actual results:
> 403 - access denied
> Expected results:
> 200 - access allowed
> Additional info:
--
This message was sent by Atlassian JIRA
(v6.3.1#6329)
10 years
[JBoss JIRA] (WFLY-3696) Security domain configuration doesn't allow empty or missing login-module-stack
by RH Bugzilla Integration (JIRA)
[ https://issues.jboss.org/browse/WFLY-3696?page=com.atlassian.jira.plugin.... ]
RH Bugzilla Integration commented on WFLY-3696:
-----------------------------------------------
Paul Gier <pgier(a)redhat.com> changed the Status of [bug 901075|https://bugzilla.redhat.com/show_bug.cgi?id=901075] from MODIFIED to ON_QA
> Security domain configuration doesn't allow empty or missing login-module-stack
> -------------------------------------------------------------------------------
>
> Key: WFLY-3696
> URL: https://issues.jboss.org/browse/WFLY-3696
> Project: WildFly
> Issue Type: Bug
> Components: Security
> Affects Versions: 8.1.0.Final
> Reporter: Chao Wang
> Assignee: Chao Wang
>
> https://bugzilla.redhat.com/show_bug.cgi?id=901075 description:
> project_key: JBPAPP6
> Adding a security domain with JASPI authentication fails if there is no (or is empty) login-module-stack. It should be possible to add custom ServerAuthModule, which doesn't use JAAS login modules.
> {code:xml}
> <security-domain name="jmx-console" cache-type="default">
> <authentication-jaspi>
> <!-- FIXME: the not empty login-module-stack must be provided even it's not used -->
> <login-module-stack name="lm-stack">
> <login-module code="UsersRoles" flag="required"/>
> </login-module-stack>
> <auth-module code="org.jboss.example.CustomServerAuthModule" flag="required">
> <module-option name="option1" value="value1" />
> </auth-module>
> </authentication-jaspi>
> </security-domain>
> {code}
> It should be possible to remove here the login-module-stack element.
--
This message was sent by Atlassian JIRA
(v6.3.1#6329)
10 years
[JBoss JIRA] (WFLY-3468) Managed server shutdown unexpectedly when timeout during connection request to HC
by RH Bugzilla Integration (JIRA)
[ https://issues.jboss.org/browse/WFLY-3468?page=com.atlassian.jira.plugin.... ]
RH Bugzilla Integration commented on WFLY-3468:
-----------------------------------------------
Paul Gier <pgier(a)redhat.com> changed the Status of [bug 1106393|https://bugzilla.redhat.com/show_bug.cgi?id=1106393] from MODIFIED to ON_QA
> Managed server shutdown unexpectedly when timeout during connection request to HC
> ---------------------------------------------------------------------------------
>
> Key: WFLY-3468
> URL: https://issues.jboss.org/browse/WFLY-3468
> Project: WildFly
> Issue Type: Bug
> Components: Domain Management
> Affects Versions: 8.1.0.Final
> Reporter: Takayoshi Kimura
> Assignee: Emanuel Muckenhuber
> Priority: Minor
> Fix For: 9.0.0.Alpha1
>
>
> Sometimes managed server shutdown unexpectedly when managed server tries to connect to the HC and got lengthly Full GC.
> {quote}
> java.io.IOException: JBAS012175: Channel closed
> at org.jboss.as.server.mgmt.domain.HostControllerConnection.getChannel(HostControllerConnection.java:101)
> at org.jboss.as.protocol.mgmt.ManagementChannelHandler.executeRequest(ManagementChannelHandler.java:117)
> at org.jboss.as.protocol.mgmt.ManagementChannelHandler.executeRequest(ManagementChannelHandler.java:100)
> at org.jboss.as.server.mgmt.domain.HostControllerConnection.reConnect(HostControllerConnection.java:171)
> at org.jboss.as.server.mgmt.domain.HostControllerClient.reconnect(HostControllerClient.java:98)
> at org.jboss.as.server.DomainServerMain.main(DomainServerMain.java:138)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:606)
> at org.jboss.modules.Module.run(Module.java:292)
> at org.jboss.modules.Main.main(Main.java:455)
> {quote}
> The current DomainServerMain exits on the connetion error.
> The scenario is:
> # server tries to connect to the HC
> # server Full GC
> # HC is waiting a request from server, read timeout, closes the sock
> # server resumed from GC, failed to send the req to the HC and exit
--
This message was sent by Atlassian JIRA
(v6.3.1#6329)
10 years