[JBoss JIRA] (WFLY-3221) flushOnSessionInvalidation attribute in jboss-web.xml does not flush user credentials
by Jason Greene (JIRA)
[ https://issues.jboss.org/browse/WFLY-3221?page=com.atlassian.jira.plugin.... ]
Jason Greene updated WFLY-3221:
-------------------------------
Fix Version/s: 9.0.0.Beta1
(was: 9.0.0.Alpha1)
> flushOnSessionInvalidation attribute in jboss-web.xml does not flush user credentials
> -------------------------------------------------------------------------------------
>
> Key: WFLY-3221
> URL: https://issues.jboss.org/browse/WFLY-3221
> Project: WildFly
> Issue Type: Bug
> Components: Security
> Affects Versions: 8.0.0.Final
> Reporter: Jorge Marmolejo
> Assignee: Stuart Douglas
> Priority: Critical
> Fix For: 9.0.0.Beta1
>
>
> The attribute flushOnSessionInvalidation does not flush the user credentials when the session is invalidated or when it times out. If the password or roles change for the user, the only way to get the new changes is by restarting the server.
> I tried removing "cache-type=default" from the standalone-full.xml and it works, but for every action made on the site, the login method in the authentication module is called.
--
This message was sent by Atlassian JIRA
(v6.3.1#6329)
10 years
[JBoss JIRA] (WFLY-3251) @WebContext overrides realm in web.xml
by Jason Greene (JIRA)
[ https://issues.jboss.org/browse/WFLY-3251?page=com.atlassian.jira.plugin.... ]
Jason Greene updated WFLY-3251:
-------------------------------
Fix Version/s: 9.0.0.Beta1
(was: 9.0.0.Alpha1)
> @WebContext overrides realm in web.xml
> --------------------------------------
>
> Key: WFLY-3251
> URL: https://issues.jboss.org/browse/WFLY-3251
> Project: WildFly
> Issue Type: Bug
> Components: Web Services
> Affects Versions: 8.1.0.CR2
> Reporter: Juergen Zimmermann
> Assignee: Alessio Soldano
> Fix For: 9.0.0.Beta1
>
>
> In WEB-INF/web.xml I'm having this declaration (to be used for REST and SOAP):
> {code}
> <login-config>
> <auth-method>BASIC</auth-method>
> <realm-name>Shop</realm-name>
> </login-config>
> {code}
> Furthermore, I'm having a SOAP-based web service:
> {code}
> @WebService(name = "KundeSOAP",
> targetNamespace = "urn:shop:soap:kunde",
> serviceName = "KundeSOAPService")
> @SOAPBinding
> @WebContext(authMethod = "BASIC",
> transportGuarantee = "CONFIDENTIAL",
> secureWSDLAccess = true)
> @Stateless
> @Interceptors(ConstraintViolationInterceptor.class)
> @RolesAllowed({ "...", "..." })
> @SecurityDomain("...")
> public class KundeSOAP {...}
> {code}
> But when the client invokes the server, then the realm name is "EJBWebServiceEndpointServlet Realm".
--
This message was sent by Atlassian JIRA
(v6.3.1#6329)
10 years
[JBoss JIRA] (WFLY-3434) Add xsd schemas on wildlfy.org
by Jason Greene (JIRA)
[ https://issues.jboss.org/browse/WFLY-3434?page=com.atlassian.jira.plugin.... ]
Jason Greene updated WFLY-3434:
-------------------------------
Fix Version/s: 9.0.0.Beta1
(was: 9.0.0.Alpha1)
> Add xsd schemas on wildlfy.org
> ------------------------------
>
> Key: WFLY-3434
> URL: https://issues.jboss.org/browse/WFLY-3434
> Project: WildFly
> Issue Type: Feature Request
> Reporter: Tomaz Cerar
> Assignee: Tomaz Cerar
> Fix For: 9.0.0.Beta1
>
>
> we should have all wildfly releated schemas to wildfly.org/schema.
> As part of this task, we need to update all docs to point to new URL.
> have as much automated as possible process for uploading new schemas when new releases is done.
> consolidate this over various (sub)projects that provide schemas that should be here.
> What is not expected to be done is to host all old schemas that have nothing do do with WildFly on new location.
> Example are most of pre AS7 jboss specific descriptors that WildFly no longer honors.
--
This message was sent by Atlassian JIRA
(v6.3.1#6329)
10 years
[JBoss JIRA] (WFLY-3444) EjbTimerXmlPersister should check if timer.getNextExpiration() is null to avoid NPE
by Jason Greene (JIRA)
[ https://issues.jboss.org/browse/WFLY-3444?page=com.atlassian.jira.plugin.... ]
Jason Greene updated WFLY-3444:
-------------------------------
Fix Version/s: 9.0.0.Beta1
(was: 9.0.0.Alpha1)
> EjbTimerXmlPersister should check if timer.getNextExpiration() is null to avoid NPE
> -----------------------------------------------------------------------------------
>
> Key: WFLY-3444
> URL: https://issues.jboss.org/browse/WFLY-3444
> Project: WildFly
> Issue Type: Bug
> Components: EJB
> Reporter: Scott Marlow
> Assignee: David Lloyd
> Fix For: 9.0.0.Beta1
>
>
> Seeing a NPE in org.jboss.as.ejb3.timerservice.persistence.filestore.EjbTimerXmlPersister. that probably needs a null check:
> {quote}
> Caused by: java.lang.NullPointerException
> at org.jboss.as.ejb3.timerservice.persistence.filestore.EjbTimerXmlPersister.writeCalendarTimer(EjbTimerXmlPersister.java:136)
> at org.jboss.as.ejb3.timerservice.persistence.filestore.EjbTimerXmlPersister.writeContent(EjbTimerXmlPersister.java:89)
> at org.jboss.as.ejb3.timerservice.persistence.filestore.EjbTimerXmlPersister.writeContent(EjbTimerXmlPersister.java:43)
> at org.jboss.staxmapper.XMLMapperImpl.doDeparse(XMLMapperImpl.java:88)
> at org.jboss.staxmapper.XMLMapperImpl.deparseDocument(XMLMapperImpl.java:83)
> at org.jboss.as.ejb3.timerservice.persistence.filestore.FileTimerPersistence.writeFile(FileTimerPersistence.java:440)
> {quote}
--
This message was sent by Atlassian JIRA
(v6.3.1#6329)
10 years