[JBoss JIRA] (WFCORE-1083) Login Module is messed up when one of the module-option is empty
by J Prasanna Venkatesan (JIRA)
J Prasanna Venkatesan created WFCORE-1083:
---------------------------------------------
Summary: Login Module is messed up when one of the module-option is empty
Key: WFCORE-1083
URL: https://issues.jboss.org/browse/WFCORE-1083
Project: WildFly Core
Issue Type: Bug
Components: CLI
Environment: CentOS Linux release 7.1.1503 (Core)
/usr/java/jdk1.8.0_45/
WildFly 8.2.0
Reporter: J Prasanna Venkatesan
Assignee: Alexey Loubyansky
Priority: Critical
When one of the module-option is given as empty the whole login-module is messed up. But in real time there will be cases where the module-option can be empty. For Eg. while configuring org.jboss.security.auth.spi.LdapLoginModule, the principalDNPrefix can be empty
*+Command with principalDNPrefix empty+*
/subsystem=security/security-domain=SourceForge/authentication=classic/login-module=org.jboss.security.auth.spi.LdapLoginModule33:add(code=org.jboss.security.auth.spi.LdapLoginModule, flag=sufficient, module-options=[ "java.naming.provider.url" => "ldap://ldaphost.jboss.org:1", "java.naming.security.authentication" => "simple", *"principalDNPrefix" => ""*, "principalDNSuffix" => ",ou=People,o=jboss.org", "allowEmptyPasswords" => "false", "java.naming.factory.initial" => "com.sun.jndi.ldap.LdapCtxFactory", "throwValidateError" => "true" ]){allow-resource-service-restart=true}
+Output in standalone-full.xml+
Wrong value is stored as principalDNPrefix
<login-module name="org.jboss.security.auth.spi.LdapLoginModule33" code="org.jboss.security.auth.spi.LdapLoginModule" flag="sufficient">
<module-option name="java.naming.provider.url" value="ldap://ldaphost.jboss.org:1"/>
<module-option name="java.naming.security.authentication" value="simple"/>
*<module-option name="principalDNPrefix" value="principalDNSuffix"/>*
<module-option name="allowEmptyPasswords" value="false"/>
<module-option name="java.naming.factory.initial" value="com.sun.jndi.ldap.LdapCtxFactory"/>
<module-option name="throwValidateError" value="true"/>
</login-module>
*+Command with principalDNPrefix with some value+*
/subsystem=security/security-domain=SourceForge/authentication=classic/login-module=org.jboss.security.auth.spi.LdapLoginModule44:add(code=org.jboss.security.auth.spi.LdapLoginModule, flag=sufficient, module-options=[ "java.naming.provider.url" => "ldap://ldaphost.jboss.org:1", "java.naming.security.authentication" => "simple", *"principalDNPrefix" => "test"*, "principalDNSuffix" => ",ou=People,o=jboss.org", "allowEmptyPasswords" => "false", "java.naming.factory.initial" => "com.sun.jndi.ldap.LdapCtxFactory", "throwValidateError" => "true" ]){allow-resource-service-restart=true}
+Output in standalone-full.xml+
Values are stored correctly.
<login-module name="org.jboss.security.auth.spi.LdapLoginModule44" code="org.jboss.security.auth.spi.LdapLoginModule" flag="sufficient">
<module-option name="java.naming.provider.url" value="ldap://ldaphost.jboss.org:1"/>
<module-option name="java.naming.security.authentication" value="simple"/>
*<module-option name="principalDNPrefix" value="test"/>*
<module-option name="principalDNSuffix" value=",ou=People,o=jboss.org"/>
<module-option name="allowEmptyPasswords" value="false"/>
<module-option name="java.naming.factory.initial" value="com.sun.jndi.ldap.LdapCtxFactory"/>
<module-option name="throwValidateError" value="true"/>
</login-module>
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
10 years, 8 months
[JBoss JIRA] (WFLY-5536) Recovery manager is not able to recover MDB and shows warnings on each run.
by Hayk Hovsepyan (JIRA)
[ https://issues.jboss.org/browse/WFLY-5536?page=com.atlassian.jira.plugin.... ]
Hayk Hovsepyan commented on WFLY-5536:
--------------------------------------
[~ataylor] for debugging the test and server side running, it requires to provide these two maven options while running the test "-Dmaven.surefire.debug -Ddebug.client".
"-Dmaven.surefire.debug" option is for debugging the test, and test run waits for the port "5005" to be connected by IDE.
"-Ddebug.client" option debugs the server side running, such as recovery manager, and it waits for the port "8787" to be connected by IDE. However it could not log any message that is waiting for connection to port.
> Recovery manager is not able to recover MDB and shows warnings on each run.
> ---------------------------------------------------------------------------
>
> Key: WFLY-5536
> URL: https://issues.jboss.org/browse/WFLY-5536
> Project: WildFly
> Issue Type: Bug
> Components: JMS
> Affects Versions: 10.0.0.CR2
> Reporter: Hayk Hovsepyan
> Assignee: Jeff Mesnil
> Priority: Blocker
> Attachments: MDB_JMS_XA.log
>
>
> Recovery manager is not able to recover MDB and shows warnings.
> This causes to see the same warning log in server each time recovery is run.
> This happens when server is crashed before transaction state is saved.
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
10 years, 8 months
[JBoss JIRA] (WFCORE-889) Kerberos authentication for Management CLI should fallback when server principal is set incorrectly
by Jason Greene (JIRA)
[ https://issues.jboss.org/browse/WFCORE-889?page=com.atlassian.jira.plugin... ]
Jason Greene updated WFCORE-889:
--------------------------------
Fix Version/s: 2.0.0.Final
(was: 2.0.0.CR9)
> Kerberos authentication for Management CLI should fallback when server principal is set incorrectly
> ---------------------------------------------------------------------------------------------------
>
> Key: WFCORE-889
> URL: https://issues.jboss.org/browse/WFCORE-889
> Project: WildFly Core
> Issue Type: Bug
> Components: Domain Management
> Reporter: Ondrej Lukas
> Assignee: Darran Lofthouse
> Fix For: 2.0.0.Final
>
>
> In case when kerberos authentication is configured in security realm but principal attribute in keytab element is set incorrectly (e.g. remote/wrong_localhost(a)JBOSS.ORG, remote/localhost(a)WRONG_JBOSS.ORG or wrong_remote/localhost(a)JBOSS.ORG instead of remote/localhost(a)JBOSS.ORG) then authentication does not fallback into another authentication mechanism for user with valid kerberos ticket. In case when user does not have kerberos ticket then fallback is taken into account correctly.
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
10 years, 8 months
[JBoss JIRA] (WFCORE-784) standalone.sh does not handle correctly situation when CDPATH environment variable is set
by Jason Greene (JIRA)
[ https://issues.jboss.org/browse/WFCORE-784?page=com.atlassian.jira.plugin... ]
Jason Greene updated WFCORE-784:
--------------------------------
Fix Version/s: 2.0.0.Final
(was: 2.0.0.CR9)
> standalone.sh does not handle correctly situation when CDPATH environment variable is set
> -----------------------------------------------------------------------------------------
>
> Key: WFCORE-784
> URL: https://issues.jboss.org/browse/WFCORE-784
> Project: WildFly Core
> Issue Type: Bug
> Components: Scripts
> Reporter: Martin Petricek
> Assignee: Tomaz Cerar
> Fix For: 2.0.0.Final
>
> Attachments: bin-fix.patch
>
>
> bin/standalone.sh does not use "shift" correctly when parsing commandline option, failing with "bin/standalone.sh: 34: shift: can't shift that many" if "--debug" without a parameter is used on dash (default shell in debian)
> Second issue is that the script does not handle correctly situation when CDPATH environment variable is set, failing completely.
> Attaching patch that fixes both these issues.
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
10 years, 8 months
[JBoss JIRA] (WFCORE-1075) Deploying a file results in HC logging "WFLYCTL0019: Graceful shutdown" warn on shutdown or reload
by Jason Greene (JIRA)
[ https://issues.jboss.org/browse/WFCORE-1075?page=com.atlassian.jira.plugi... ]
Jason Greene updated WFCORE-1075:
---------------------------------
Fix Version/s: 2.0.0.Final
(was: 2.0.0.CR9)
> Deploying a file results in HC logging "WFLYCTL0019: Graceful shutdown" warn on shutdown or reload
> --------------------------------------------------------------------------------------------------
>
> Key: WFCORE-1075
> URL: https://issues.jboss.org/browse/WFCORE-1075
> Project: WildFly Core
> Issue Type: Bug
> Components: Domain Management
> Affects Versions: 2.0.0.CR8
> Reporter: Brian Stansberry
> Assignee: Brian Stansberry
> Fix For: 2.0.0.Final
>
>
> Host Controllers frequently take 15 seconds to shutdown and reload, logging the following after a 15s pause:
> {code}
> WFLYCTL0019: Graceful shutdown of the handler used for native management requests did not complete within [15000] ms but shutdown of the underlying communication channel is proceeding
> {code}
> This is because MasterDomainControllerOperationHandlerImpl and ServerToHostProtocolHandler both handle a GET_FILE_REQUEST by registering an ActiveOperation with ActiveOperationSupport, but then the GetFileOperation handlers for the request never call "done" or "failed" on the ActiveOperation.ResultHandler. The activeRequests map in the ActiveOperationSupport therefore ends up with extraneous data resulting in the shutdown delay.
> This is also a minor memory leak.
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
10 years, 8 months