[JBoss JIRA] (ELY-171) Properties based KeyStore fails to parse default WildFly properties file.
by Darran Lofthouse (JIRA)
Darran Lofthouse created ELY-171:
------------------------------------
Summary: Properties based KeyStore fails to parse default WildFly properties file.
Key: ELY-171
URL: https://issues.jboss.org/browse/ELY-171
Project: WildFly Elytron
Issue Type: Bug
Components: SSL
Reporter: Darran Lofthouse
Assignee: Darran Lofthouse
Fix For: 1.0.0.Alpha1
The default file only contains commented out lines, however the following error is reported.
{noformat}
12:28:44,523 ERROR [org.jboss.msc.service.fail] (MSC service thread 1-12) MSC000001: Failed to start service elytron.keystore.mgmt_properties: org.jboss.msc.service.StartException in service elytron.keystore.mgmt_properties: Failed to start service
at org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1904)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
Caused by: java.lang.IllegalArgumentException: The supplied character array must contain an even number of hex chars.
at org.wildfly.security.sasl.util.HexConverter.convertFromHex(HexConverter.java:91)
at org.wildfly.security.sasl.util.HexConverter.convertFromHex(HexConverter.java:123)
at org.wildfly.security.keystore.PropertiesKeyStoreSpi.engineLoad(PropertiesKeyStoreSpi.java:296)
at java.security.KeyStore.load(KeyStore.java:1433)
at org.wildfly.security.keystore.AtomicLoadKeyStoreSpi.engineLoad(AtomicLoadKeyStoreSpi.java:51)
at java.security.KeyStore.load(KeyStore.java:1433)
at org.wildfly.extension.elytron.KeyStoreService.start(KeyStoreService.java:109)
at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1948)
at org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1881)
... 3 more
12:28:44,527 ERROR [org.jboss.as.controller.management-operation] (management-handler-thread - 1) WFLYCTL0013: Operation ("add") failed - address: ([
("subsystem" => "elytron"),
("keystore" => "mgmt_properties")
]) - failure description: {"WFLYCTL0080: Failed services" => {"elytron.keystore.mgmt_properties" => "org.jboss.msc.service.StartException in service elytron.keystore.mgmt_properties: Failed to start service
Caused by: java.lang.IllegalArgumentException: The supplied character array must contain an even number of hex chars."}}
{noformat}
--
This message was sent by Atlassian JIRA
(v6.3.11#6341)
9 years, 1 month
[JBoss JIRA] (ELY-170) Transition the still useful parts of JBoss Negotiation into Elytron
by Darran Lofthouse (JIRA)
Darran Lofthouse created ELY-170:
------------------------------------
Summary: Transition the still useful parts of JBoss Negotiation into Elytron
Key: ELY-170
URL: https://issues.jboss.org/browse/ELY-170
Project: WildFly Elytron
Issue Type: Feature Request
Components: Utils
Reporter: Darran Lofthouse
Fix For: 1.0.0.Beta1
Generally JBoss Negotiation should be obsolete, however some portions may be useful to be included in Elytron e.g. the SPNEGO parsing so that we can display some meaningful diagnostics.
By the time we reach the end of WildFly 10 nothing should require a direct dependency on JBoss Negotiation and really it should be removed from the application server distribution.
--
This message was sent by Atlassian JIRA
(v6.3.11#6341)
9 years, 1 month
[JBoss JIRA] (WFLY-3075) add supplement to socket-bindings in template assembly
by Jeff Mesnil (JIRA)
[ https://issues.jboss.org/browse/WFLY-3075?page=com.atlassian.jira.plugin.... ]
Jeff Mesnil resolved WFLY-3075.
-------------------------------
Resolution: Rejected
the messaging subsystem no longer required this socket-binding for its HA configuration (leveraging jgroups instead) so I have no longer a valid use case to add supplements to socket-bindings in the template assembly
> add supplement to socket-bindings in template assembly
> ------------------------------------------------------
>
> Key: WFLY-3075
> URL: https://issues.jboss.org/browse/WFLY-3075
> Project: WildFly
> Issue Type: Enhancement
> Components: Build System
> Affects Versions: 8.0.0.Final
> Reporter: Jeff Mesnil
> Assignee: Tomaz Cerar
> Fix For: 9.0.0.CR1
>
>
> The messaging.xml subsystem configuration defines a "ha" supplement used to build the standalone-full-ha.xml.
> This supplement requires to have a socket-binding for multicast:
> {noformat}
> <socket-binding name="messaging-group" port="0" multicast-address="${jboss.messaging.group.address:231.7.7.7}" multicast-port="${jboss.messaging.group.port:9876}"/>
> {noformat}
> However, this socket-binding is *always* added even when the "ha" supplement is not used.
> We end up with a standalone-full.xml configuration with the regular messaging subsystem (no ha parts) *and* the messaging-group socket binding.
> Ideally, this socket-binding should only be added when the ha supplement is used.
> One way to achieve this would be to allow <socket-binding> definitions inside the <supplement>/<replacement> elements.
--
This message was sent by Atlassian JIRA
(v6.3.11#6341)
9 years, 1 month
[JBoss JIRA] (SECURITY-877) AdvancedLdapLodinMogule is Logging LDAP Bind Credential Password during authentication.
by Darran Lofthouse (JIRA)
[ https://issues.jboss.org/browse/SECURITY-877?page=com.atlassian.jira.plug... ]
Darran Lofthouse updated SECURITY-877:
--------------------------------------
Fix Version/s: Negotiation_2_3_7_Final
> AdvancedLdapLodinMogule is Logging LDAP Bind Credential Password during authentication.
> ---------------------------------------------------------------------------------------
>
> Key: SECURITY-877
> URL: https://issues.jboss.org/browse/SECURITY-877
> Project: PicketBox
> Issue Type: Bug
> Components: Negotiation
> Affects Versions: Negotiation_2_3_6_Final
> Environment: Wildfly is logging the bindCredentials when using SPNEGO
> Reporter: Filippe Spolti
> Assignee: Filippe Spolti
> Fix For: Negotiation_2_3_7_Final
>
>
> The bind Credential are being logged:
> 2015-03-19 19:33:28,569 TRACE [org.jboss.security.auth.spi.AbstractServerLoginModule] (http-localhost/127.0.0.1:8080-1) Logging into LDAP server, env={baseFilter=(userPrincipalName={0}), java.naming.security.credentials=***, jboss.security.security_domain=SPNEGO, java.naming.ldap.attributes.binary=objectSid, password-stacking=useFirstPass, recurseRoles=false, java.naming.security.authentication=simple, baseCtxDN=DC=example,DC=com, roleAttributeIsDN=true, rolesCtxDN=DC=example,DC=com, java.naming.security.principal=bindUser, allowEmptyPassword=true, java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory, java.naming.provider.url=ldap://127.0.0.1:389, roleNameAttributeID=cn, roleAttributeID=memberOf, bindDN=bindUser, bindCredential=password}
--
This message was sent by Atlassian JIRA
(v6.3.11#6341)
9 years, 1 month
[JBoss JIRA] (SECURITY-877) AdvancedLdapLodinMogule is Logging LDAP Bind Credential Password during authentication.
by Darran Lofthouse (JIRA)
[ https://issues.jboss.org/browse/SECURITY-877?page=com.atlassian.jira.plug... ]
Darran Lofthouse updated SECURITY-877:
--------------------------------------
Priority: Major (was: Minor)
> AdvancedLdapLodinMogule is Logging LDAP Bind Credential Password during authentication.
> ---------------------------------------------------------------------------------------
>
> Key: SECURITY-877
> URL: https://issues.jboss.org/browse/SECURITY-877
> Project: PicketBox
> Issue Type: Bug
> Components: Negotiation
> Affects Versions: Negotiation_2_3_6_Final
> Environment: Wildfly is logging the bindCredentials when using SPNEGO
> Reporter: Filippe Spolti
> Assignee: Filippe Spolti
>
> The bind Credential are being logged:
> 2015-03-19 19:33:28,569 TRACE [org.jboss.security.auth.spi.AbstractServerLoginModule] (http-localhost/127.0.0.1:8080-1) Logging into LDAP server, env={baseFilter=(userPrincipalName={0}), java.naming.security.credentials=***, jboss.security.security_domain=SPNEGO, java.naming.ldap.attributes.binary=objectSid, password-stacking=useFirstPass, recurseRoles=false, java.naming.security.authentication=simple, baseCtxDN=DC=example,DC=com, roleAttributeIsDN=true, rolesCtxDN=DC=example,DC=com, java.naming.security.principal=bindUser, allowEmptyPassword=true, java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory, java.naming.provider.url=ldap://127.0.0.1:389, roleNameAttributeID=cn, roleAttributeID=memberOf, bindDN=bindUser, bindCredential=password}
--
This message was sent by Atlassian JIRA
(v6.3.11#6341)
9 years, 1 month
[JBoss JIRA] (SECURITY-877) AdvancedLdapLodinMogule is Logging LDAP Bind Credential Password during authentication.
by Darran Lofthouse (JIRA)
[ https://issues.jboss.org/browse/SECURITY-877?page=com.atlassian.jira.plug... ]
Darran Lofthouse updated SECURITY-877:
--------------------------------------
Summary: AdvancedLdapLodinMogule is Logging LDAP Bind Credential Password during authentication. (was: WildFLy is Logging LDAP Bind Credential Password for SPNEGO code)
> AdvancedLdapLodinMogule is Logging LDAP Bind Credential Password during authentication.
> ---------------------------------------------------------------------------------------
>
> Key: SECURITY-877
> URL: https://issues.jboss.org/browse/SECURITY-877
> Project: PicketBox
> Issue Type: Bug
> Components: Negotiation
> Affects Versions: Negotiation_2_3_6_Final
> Environment: Wildfly is logging the bindCredentials when using SPNEGO
> Reporter: Filippe Spolti
> Assignee: Filippe Spolti
> Priority: Minor
>
> The bind Credential are being logged:
> 2015-03-19 19:33:28,569 TRACE [org.jboss.security.auth.spi.AbstractServerLoginModule] (http-localhost/127.0.0.1:8080-1) Logging into LDAP server, env={baseFilter=(userPrincipalName={0}), java.naming.security.credentials=***, jboss.security.security_domain=SPNEGO, java.naming.ldap.attributes.binary=objectSid, password-stacking=useFirstPass, recurseRoles=false, java.naming.security.authentication=simple, baseCtxDN=DC=example,DC=com, roleAttributeIsDN=true, rolesCtxDN=DC=example,DC=com, java.naming.security.principal=bindUser, allowEmptyPassword=true, java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory, java.naming.provider.url=ldap://127.0.0.1:389, roleNameAttributeID=cn, roleAttributeID=memberOf, bindDN=bindUser, bindCredential=password}
--
This message was sent by Atlassian JIRA
(v6.3.11#6341)
9 years, 1 month
[JBoss JIRA] (WFLY-2456) Bad permissions on properties files when using add-user.bat for results in "JBAS015234: No mgmt-groups.properties files found"
by Darran Lofthouse (JIRA)
[ https://issues.jboss.org/browse/WFLY-2456?page=com.atlassian.jira.plugin.... ]
Darran Lofthouse updated WFLY-2456:
-----------------------------------
Summary: Bad permissions on properties files when using add-user.bat for results in "JBAS015234: No mgmt-groups.properties files found" (was: Using add-user.bat for initial admin user results in "JBAS015234: No mgmt-groups.properties files found")
> Bad permissions on properties files when using add-user.bat for results in "JBAS015234: No mgmt-groups.properties files found"
> ------------------------------------------------------------------------------------------------------------------------------
>
> Key: WFLY-2456
> URL: https://issues.jboss.org/browse/WFLY-2456
> Project: WildFly
> Issue Type: Bug
> Components: Scripts
> Affects Versions: 8.0.0.Beta1
> Environment: Windows 7, 32-bit, jdk1.7.0_45
> Reporter: John Lusk
> Fix For: Awaiting Volunteers
>
>
> Just getting started w/Wildfly after a long absence from Java. Fresh download, trying to hit admin console, got instructed to use add-user to add an admin user.
> c:\usr\local\wildfly-8.0.0.Beta1\bin>.\add-user.bat
> What type of user do you wish to add?
> a) Management User (mgmt-users.properties)
> b) Application User (application-users.properties)
> (a): a
> * Error *
> JBAS015234: No mgmt-groups.properties files found.
> Press any key to continue . . .
> c:\usr\local\wildfly-8.0.0.Beta1\bin>echo %JBOSS_HOME%
> C:\usr\local\wildfly-8.0.0.Beta1
> c:\usr\local\wildfly-8.0.0.Beta1\bin>echo %JAVA_HOME%
> C:\java\jdk1.7.0_45
> c:\usr\local\wildfly-8.0.0.Beta1\bin>echo %M2_HOME%
> C:\usr\local\Maven\3.1.1
> c:\usr\local\wildfly-8.0.0.Beta1\bin>mvn -version
> Apache Maven 3.1.1 (0728685237757ffbf44136acec0402957f723d9a; 2013-09-17 11:22:2
> 2-0400)
> Maven home: C:\usr\local\Maven\3.1.1
> Java version: 1.7.0_45, vendor: Oracle Corporation
> Java home: C:\java\jdk1.7.0_45\jre
> Default locale: en_US, platform encoding: Cp1252
> OS name: "windows 7", version: "6.1", arch: "x86", family: "windows"
> c:\usr\local\wildfly-8.0.0.Beta1\bin>
--
This message was sent by Atlassian JIRA
(v6.3.11#6341)
9 years, 1 month
[JBoss JIRA] (WFLY-2456) Using add-user.bat for initial admin user results in "JBAS015234: No mgmt-groups.properties files found"
by Darran Lofthouse (JIRA)
[ https://issues.jboss.org/browse/WFLY-2456?page=com.atlassian.jira.plugin.... ]
Darran Lofthouse commented on WFLY-2456:
----------------------------------------
I have set this Jira to 'Awaiting Volunteers', should be quite a nice issue for someone who wants to contribute to WildFly to look into.
This Jira issue is open for one reason: -
For an engineer to investigate if there is anything that can be done in Java 7 to detect permissions problems on these files and if so report a more meaningful error message if this is possible.
This may not actually be possible is file system permissions may hide the presence of the files making them appear missing.
For any other cases where this error is experienced causes are most likely to be one of the following: -
- Some kind of PATH issue in relation to the location of the application server and the working dir.
- The files really don't exist.
- A permissions issue where the user running the script can not access the files due to permissions problems.
For diagnostics of why you experience the error please take the discussion to the forums.
> Using add-user.bat for initial admin user results in "JBAS015234: No mgmt-groups.properties files found"
> --------------------------------------------------------------------------------------------------------
>
> Key: WFLY-2456
> URL: https://issues.jboss.org/browse/WFLY-2456
> Project: WildFly
> Issue Type: Bug
> Components: Scripts
> Affects Versions: 8.0.0.Beta1
> Environment: Windows 7, 32-bit, jdk1.7.0_45
> Reporter: John Lusk
> Fix For: Awaiting Volunteers
>
>
> Just getting started w/Wildfly after a long absence from Java. Fresh download, trying to hit admin console, got instructed to use add-user to add an admin user.
> c:\usr\local\wildfly-8.0.0.Beta1\bin>.\add-user.bat
> What type of user do you wish to add?
> a) Management User (mgmt-users.properties)
> b) Application User (application-users.properties)
> (a): a
> * Error *
> JBAS015234: No mgmt-groups.properties files found.
> Press any key to continue . . .
> c:\usr\local\wildfly-8.0.0.Beta1\bin>echo %JBOSS_HOME%
> C:\usr\local\wildfly-8.0.0.Beta1
> c:\usr\local\wildfly-8.0.0.Beta1\bin>echo %JAVA_HOME%
> C:\java\jdk1.7.0_45
> c:\usr\local\wildfly-8.0.0.Beta1\bin>echo %M2_HOME%
> C:\usr\local\Maven\3.1.1
> c:\usr\local\wildfly-8.0.0.Beta1\bin>mvn -version
> Apache Maven 3.1.1 (0728685237757ffbf44136acec0402957f723d9a; 2013-09-17 11:22:2
> 2-0400)
> Maven home: C:\usr\local\Maven\3.1.1
> Java version: 1.7.0_45, vendor: Oracle Corporation
> Java home: C:\java\jdk1.7.0_45\jre
> Default locale: en_US, platform encoding: Cp1252
> OS name: "windows 7", version: "6.1", arch: "x86", family: "windows"
> c:\usr\local\wildfly-8.0.0.Beta1\bin>
--
This message was sent by Atlassian JIRA
(v6.3.11#6341)
9 years, 1 month