[JBoss JIRA] (WFLY-5561) Digest authentication mechanism unable to parse headers where username terminated with trailing '\'
by Jason Greene (JIRA)
[ https://issues.jboss.org/browse/WFLY-5561?page=com.atlassian.jira.plugin.... ]
Jason Greene resolved WFLY-5561.
--------------------------------
Resolution: Done
> Digest authentication mechanism unable to parse headers where username terminated with trailing '\'
> ---------------------------------------------------------------------------------------------------
>
> Key: WFLY-5561
> URL: https://issues.jboss.org/browse/WFLY-5561
> Project: WildFly
> Issue Type: Bug
> Components: Security
> Affects Versions: 10.0.0.CR3
> Reporter: Darran Lofthouse
> Assignee: Darran Lofthouse
> Priority: Blocker
> Fix For: 10.0.0.Final
>
>
> In case when username finish with backslash then properties authentication in security realm does not work. It works correctly when backslash is used in the middle of username.
> Following expection is thrown:
> {code}
> java.lang.IllegalArgumentException: UT000025: Unexpected token 'delimiters-test", nonce' within header.
> at io.undertow.util.HeaderTokenParser.parseHeader(HeaderTokenParser.java:68)
> at io.undertow.security.impl.DigestAuthorizationToken.parseHeader(DigestAuthorizationToken.java:79)
> at io.undertow.security.impl.DigestAuthenticationMechanism.authenticate(DigestAuthenticationMechanism.java:156)
> at org.jboss.as.domain.http.server.security.AuthenticationMechanismWrapper.authenticate(AuthenticationMechanismWrapper.java:52)
> at io.undertow.security.impl.SecurityContextImpl$AuthAttempter.transition(SecurityContextImpl.java:233)
> at io.undertow.security.impl.SecurityContextImpl$AuthAttempter.transition(SecurityContextImpl.java:250)
> at io.undertow.security.impl.SecurityContextImpl$AuthAttempter.access$100(SecurityContextImpl.java:219)
> at io.undertow.security.impl.SecurityContextImpl.attemptAuthentication(SecurityContextImpl.java:121)
> at io.undertow.security.impl.SecurityContextImpl.authTransition(SecurityContextImpl.java:96)
> at io.undertow.security.impl.SecurityContextImpl.authenticate(SecurityContextImpl.java:89)
> at io.undertow.security.handlers.AuthenticationCallHandler.handleRequest(AuthenticationCallHandler.java:50)
> at io.undertow.server.Connectors.executeRootHandler(Connectors.java:198)
> at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:784)
> at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
> at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
> at java.lang.Thread.run(Thread.java:745)
> {code}
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
10 years, 8 months
[JBoss JIRA] (WFCORE-1095) Remove dependency on bouncycastle
by Brian Stansberry (JIRA)
[ https://issues.jboss.org/browse/WFCORE-1095?page=com.atlassian.jira.plugi... ]
Brian Stansberry updated WFCORE-1095:
-------------------------------------
Issue Type: Bug (was: Task)
> Remove dependency on bouncycastle
> ---------------------------------
>
> Key: WFCORE-1095
> URL: https://issues.jboss.org/browse/WFCORE-1095
> Project: WildFly Core
> Issue Type: Bug
> Components: Test Suite
> Affects Versions: 2.0.0.Final
> Reporter: Brian Stansberry
> Assignee: Brian Stansberry
> Priority: Minor
>
> Core has a dependency on bouncycastle that AFAICT is only there so a couple string constants can be used in testsuite/shared.
> I'm going to try removing the methods that use the constants altogether. If that's ok (i.e. nothing fails in full's testsuite) then we'll go that route, otherwise I'll try just removing the contants imports and hard coding the strings.
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
10 years, 8 months
[JBoss JIRA] (WFCORE-1097) Remove core dependency on bouncycastle
by Brian Stansberry (JIRA)
Brian Stansberry created WFCORE-1097:
----------------------------------------
Summary: Remove core dependency on bouncycastle
Key: WFCORE-1097
URL: https://issues.jboss.org/browse/WFCORE-1097
Project: WildFly Core
Issue Type: Bug
Components: Test Suite
Affects Versions: 2.0.0.Final
Reporter: Brian Stansberry
Assignee: Brian Stansberry
Priority: Minor
Core has a dependency on bouncycastle that AFAICT is only there so a couple string constants can be used in testsuite/shared.
I'm going to try removing the methods that use the constants altogether. If that's ok (i.e. nothing fails in full's testsuite) then we'll go that route, otherwise I'll try just removing the contants imports and hard coding the strings.
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
10 years, 8 months
[JBoss JIRA] (WFCORE-1096) Remove core dependency on bouncycastle
by Brian Stansberry (JIRA)
Brian Stansberry created WFCORE-1096:
----------------------------------------
Summary: Remove core dependency on bouncycastle
Key: WFCORE-1096
URL: https://issues.jboss.org/browse/WFCORE-1096
Project: WildFly Core
Issue Type: Task
Components: Test Suite
Affects Versions: 2.0.0.Final
Reporter: Brian Stansberry
Assignee: Brian Stansberry
Priority: Minor
Core has a dependency on bouncycastle that AFAICT is only there so a couple string constants can be used in testsuite/shared.
I'm going to try removing the methods that use the constants altogether. If that's ok (i.e. nothing fails in full's testsuite) then we'll go that route, otherwise I'll try just removing the contants imports and hard coding the strings.
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
10 years, 8 months
[JBoss JIRA] (WFLY-5630) undertow java.lang.IllegalStateException: UT010019: Response already commited
by David Zukerman (JIRA)
David Zukerman created WFLY-5630:
------------------------------------
Summary: undertow java.lang.IllegalStateException: UT010019: Response already commited
Key: WFLY-5630
URL: https://issues.jboss.org/browse/WFLY-5630
Project: WildFly
Issue Type: Bug
Components: Web (Undertow)
Affects Versions: 9.0.2.Final
Reporter: David Zukerman
Assignee: Stuart Douglas
Priority: Minor
I'm not too sure whether this is a bug or an enhancement but just in case I will report it:
when the war.xml file contains the form-login-page element but that page defined does not exist, here's the Undertow behavior:
1. the war file is successfully deployed
2. when you try to access to a secured resource, you will get the following error:
ERROR [io.undertow.request] (default task-7) UT005023: Exception handling request to /app/login.html: java.lang.IllegalStateException: UT010019: Response already commited
I'm not too sure whether the behavior should be redirecting to the 404 page not found page.
I know is a minor thing but just wanted to point it out in case is useful.
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
10 years, 8 months
[JBoss JIRA] (WFCORE-1095) Remove dependency on bouncycastle
by Brian Stansberry (JIRA)
Brian Stansberry created WFCORE-1095:
----------------------------------------
Summary: Remove dependency on bouncycastle
Key: WFCORE-1095
URL: https://issues.jboss.org/browse/WFCORE-1095
Project: WildFly Core
Issue Type: Task
Components: Test Suite
Affects Versions: 2.0.0.Final
Reporter: Brian Stansberry
Assignee: Brian Stansberry
Priority: Minor
Core has a dependency on bouncycastle that AFAICT is only there so a couple string constants can be used in testsuite/shared.
I'm going to try removing the methods that use the constants altogether. If that's ok (i.e. nothing fails in full's testsuite) then we'll go that route, otherwise I'll try just removing the contants imports and hard coding the strings.
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
10 years, 8 months
[JBoss JIRA] (WFLY-5418) start-delivery/stop-delivery operations descriptions are missing from MDB deployment in domain mode
by Kabir Khan (JIRA)
[ https://issues.jboss.org/browse/WFLY-5418?page=com.atlassian.jira.plugin.... ]
Kabir Khan commented on WFLY-5418:
----------------------------------
[~brian.stansberry] I mentioned that to [~jmesnil] in a private chat so your expectation is correct. In other words it is fine by me
> start-delivery/stop-delivery operations descriptions are missing from MDB deployment in domain mode
> ---------------------------------------------------------------------------------------------------
>
> Key: WFLY-5418
> URL: https://issues.jboss.org/browse/WFLY-5418
> Project: WildFly
> Issue Type: Bug
> Components: JMS
> Affects Versions: JBoss AS7 7.2.0.Final
> Environment: JBoss EAP 6.4.3
> Reporter: Tom Ross
> Assignee: Jeff Mesnil
> Fix For: 10.0.0.CR4
>
>
> It is possible to start/stop delivery of messages to MDB in standalone mode using operations
> start-delivery() and stop-delivery() on MDB deployment.
> Those operations are available in domain mode but their descriptions are missing (preventing CLI autocompletion to work as expected).
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
10 years, 8 months
[JBoss JIRA] (JGRP-1974) Socket factory not set correctly with singleton transport
by Bela Ban (JIRA)
[ https://issues.jboss.org/browse/JGRP-1974?page=com.atlassian.jira.plugin.... ]
Bela Ban updated JGRP-1974:
---------------------------
Fix Version/s: 3.6.7
I'll take a look anyway, to see if this warrants fixing in 3.6.7
> Socket factory not set correctly with singleton transport
> ---------------------------------------------------------
>
> Key: JGRP-1974
> URL: https://issues.jboss.org/browse/JGRP-1974
> Project: JGroups
> Issue Type: Bug
> Affects Versions: 3.2.13
> Reporter: Dennis Reed
> Assignee: Bela Ban
> Fix For: 3.6.7
>
>
> When using a singleton transport, the socket factory is not set correctly on startup.
> JChannel sets the socket factory down the stack on startup, then starts the stack.
> The transport protocol is substituted with a TP.ProtocolAdapter during startup (*after* the socket factory was set), so it still uses its default socket factory, and provides it to all protocols up the stack.
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
10 years, 8 months