[JBoss JIRA] (WFLY-210) Point to explicit security doc in server.log
by Jason Greene (JIRA)
[ https://issues.jboss.org/browse/WFLY-210?page=com.atlassian.jira.plugin.s... ]
Jason Greene updated WFLY-210:
------------------------------
Fix Version/s: 10.0.0.Alpha3
(was: 10.0.0.Alpha2)
> Point to explicit security doc in server.log
> --------------------------------------------
>
> Key: WFLY-210
> URL: https://issues.jboss.org/browse/WFLY-210
> Project: WildFly
> Issue Type: Enhancement
> Components: Server
> Environment: Thinkpad T510 w/ 4 cores, 8Gb, running CSB
> Reporter: Chuck Mosher
> Assignee: Darran Lofthouse
> Priority: Minor
> Labels: eap6-ux
> Fix For: 10.0.0.Alpha3
>
>
> Nice to warn me (in the server.log) that I have a security issue due to the cluster admin/user pwd using the defaults. Warning tells me to look at the docs; would it be possible to put in the hyperlink to the specific doc?
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
10 years, 7 months
[JBoss JIRA] (WFLY-399) mod_cluster subsystem: convert operation handlers to use OperationDefinition
by Jason Greene (JIRA)
[ https://issues.jboss.org/browse/WFLY-399?page=com.atlassian.jira.plugin.s... ]
Jason Greene updated WFLY-399:
------------------------------
Fix Version/s: 10.0.0.Alpha3
(was: 10.0.0.Alpha2)
> mod_cluster subsystem: convert operation handlers to use OperationDefinition
> ----------------------------------------------------------------------------
>
> Key: WFLY-399
> URL: https://issues.jboss.org/browse/WFLY-399
> Project: WildFly
> Issue Type: Sub-task
> Components: Clustering
> Affects Versions: 8.0.0.Final
> Reporter: Radoslav Husar
> Assignee: Radoslav Husar
> Fix For: 10.0.0.Alpha3
>
>
> [WARNING] /home/rhusar/git/as-master-modcluster/modcluster/src/main/java/org/jboss/as/modcluster/LoadMetricDefinition.java:[59,59] warning: [deprecation] PropertiesAttributeDefinition(java.lang.String,java.lang.String,boolean) in org.jboss.as.controller.PropertiesAttributeDefinition has been deprecated
> [WARNING] /home/rhusar/git/as-master-modcluster/modcluster/src/main/java/org/jboss/as/modcluster/ModClusterConfigResourceDefinition.java:[277,29] warning: [deprecation] registerOperationHandler(java.lang.String,org.jboss.as.controller.OperationStepHandler,org.jboss.as.controller.descriptions.DescriptionProvider,boolean,java.util.EnumSet<org.jboss.as.controller.registry.OperationEntry.Flag>) in org.jboss.as.controller.registry.ManagementResourceRegistration has been deprecated
> [WARNING] /home/rhusar/git/as-master-modcluster/modcluster/src/main/java/org/jboss/as/modcluster/ModClusterConfigResourceDefinition.java:[280,29] warning: [deprecation] registerOperationHandler(java.lang.String,org.jboss.as.controller.OperationStepHandler,org.jboss.as.controller.descriptions.DescriptionProvider,boolean,java.util.EnumSet<org.jboss.as.controller.registry.OperationEntry.Flag>) in org.jboss.as.controller.registry.ManagementResourceRegistration has been deprecated
> [WARNING] /home/rhusar/git/as-master-modcluster/modcluster/src/main/java/org/jboss/as/modcluster/ModClusterConfigResourceDefinition.java:[283,29] warning: [deprecation] registerOperationHandler(java.lang.String,org.jboss.as.controller.OperationStepHandler,org.jboss.as.controller.descriptions.DescriptionProvider,boolean,java.util.EnumSet<org.jboss.as.controller.registry.OperationEntry.Flag>) in org.jboss.as.controller.registry.ManagementResourceRegistration has been deprecated
> [WARNING] /home/rhusar/git/as-master-modcluster/modcluster/src/main/java/org/jboss/as/modcluster/ModClusterConfigResourceDefinition.java:[286,29] warning: [deprecation] registerOperationHandler(java.lang.String,org.jboss.as.controller.OperationStepHandler,org.jboss.as.controller.descriptions.DescriptionProvider,boolean,java.util.EnumSet<org.jboss.as.controller.registry.OperationEntry.Flag>) in org.jboss.as.controller.registry.ManagementResourceRegistration has been deprecated
> [WARNING] /home/rhusar/git/as-master-modcluster/modcluster/src/main/java/org/jboss/as/modcluster/ModClusterSubsystemAdd.java:[160,19] warning: [deprecation] setProxyList(java.lang.String) in org.jboss.modcluster.config.impl.ModClusterConfig has been deprecated
> [WARNING] /home/rhusar/git/as-master-modcluster/modcluster/src/main/java/org/jboss/as/modcluster/ModClusterSubsystemAdd.java:[166,15] warning: [deprecation] setExcludedContexts(java.lang.String) in org.jboss.modcluster.config.impl.ModClusterConfig has been deprecated
> [WARNING] /home/rhusar/git/as-master-modcluster/modcluster/src/main/java/org/jboss/as/modcluster/ModClusterDefinition.java:[100,21] warning: [deprecation] registerOperationHandler(java.lang.String,org.jboss.as.controller.OperationStepHandler,org.jboss.as.controller.descriptions.DescriptionProvider,boolean,java.util.EnumSet<org.jboss.as.controller.registry.OperationEntry.Flag>) in org.jboss.as.controller.registry.ManagementResourceRegistration has been deprecated
> [WARNING] /home/rhusar/git/as-master-modcluster/modcluster/src/main/java/org/jboss/as/modcluster/ModClusterDefinition.java:[103,21] warning: [deprecation] registerOperationHandler(java.lang.String,org.jboss.as.controller.OperationStepHandler,org.jboss.as.controller.descriptions.DescriptionProvider,boolean,java.util.EnumSet<org.jboss.as.controller.registry.OperationEntry.Flag>) in org.jboss.as.controller.registry.ManagementResourceRegistration has been deprecated
> [WARNING] /home/rhusar/git/as-master-modcluster/modcluster/src/main/java/org/jboss/as/modcluster/ModClusterDefinition.java:[106,21] warning: [deprecation] registerOperationHandler(java.lang.String,org.jboss.as.controller.OperationStepHandler,org.jboss.as.controller.descriptions.DescriptionProvider,boolean,java.util.EnumSet<org.jboss.as.controller.registry.OperationEntry.Flag>) in org.jboss.as.controller.registry.ManagementResourceRegistration has been deprecated
> [WARNING] /home/rhusar/git/as-master-modcluster/modcluster/src/main/java/org/jboss/as/modcluster/ModClusterDefinition.java:[110,21] warning: [deprecation] registerOperationHandler(java.lang.String,org.jboss.as.controller.OperationStepHandler,org.jboss.as.controller.descriptions.DescriptionProvider,boolean) in org.jboss.as.controller.registry.ManagementResourceRegistration has been deprecated
> [WARNING] /home/rhusar/git/as-master-modcluster/modcluster/src/main/java/org/jboss/as/modcluster/ModClusterDefinition.java:[113,21] warning: [deprecation] registerOperationHandler(java.lang.String,org.jboss.as.controller.OperationStepHandler,org.jboss.as.controller.descriptions.DescriptionProvider,boolean) in org.jboss.as.controller.registry.ManagementResourceRegistration has been deprecated
> [WARNING] /home/rhusar/git/as-master-modcluster/modcluster/src/main/java/org/jboss/as/modcluster/ModClusterDefinition.java:[117,21] warning: [deprecation] registerOperationHandler(java.lang.String,org.jboss.as.controller.OperationStepHandler,org.jboss.as.controller.descriptions.DescriptionProvider,boolean,java.util.EnumSet<org.jboss.as.controller.registry.OperationEntry.Flag>) in org.jboss.as.controller.registry.ManagementResourceRegistration has been deprecated
> [WARNING] /home/rhusar/git/as-master-modcluster/modcluster/src/main/java/org/jboss/as/modcluster/ModClusterDefinition.java:[120,21] warning: [deprecation] registerOperationHandler(java.lang.String,org.jboss.as.controller.OperationStepHandler,org.jboss.as.controller.descriptions.DescriptionProvider,boolean,java.util.EnumSet<org.jboss.as.controller.registry.OperationEntry.Flag>) in org.jboss.as.controller.registry.ManagementResourceRegistration has been deprecated
> [WARNING] /home/rhusar/git/as-master-modcluster/modcluster/src/main/java/org/jboss/as/modcluster/ModClusterDefinition.java:[124,21] warning: [deprecation] registerOperationHandler(java.lang.String,org.jboss.as.controller.OperationStepHandler,org.jboss.as.controller.descriptions.DescriptionProvider,boolean) in org.jboss.as.controller.registry.ManagementResourceRegistration has been deprecated
> [WARNING] /home/rhusar/git/as-master-modcluster/modcluster/src/main/java/org/jboss/as/modcluster/ModClusterDefinition.java:[127,21] warning: [deprecation] registerOperationHandler(java.lang.String,org.jboss.as.controller.OperationStepHandler,org.jboss.as.controller.descriptions.DescriptionProvider,boolean) in org.jboss.as.controller.registry.ManagementResourceRegistration has been deprecated
> [WARNING] /home/rhusar/git/as-master-modcluster/modcluster/src/main/java/org/jboss/as/modcluster/ModClusterDefinition.java:[130,21] warning: [deprecation] registerOperationHandler(java.lang.String,org.jboss.as.controller.OperationStepHandler,org.jboss.as.controller.descriptions.DescriptionProvider,boolean) in org.jboss.as.controller.registry.ManagementResourceRegistration has been deprecated
> [WARNING] /home/rhusar/git/as-master-modcluster/modcluster/src/main/java/org/jboss/as/modcluster/ModClusterDefinition.java:[134,21] warning: [deprecation] registerOperationHandler(java.lang.String,org.jboss.as.controller.OperationStepHandler,org.jboss.as.controller.descriptions.DescriptionProvider,boolean) in org.jboss.as.controller.registry.ManagementResourceRegistration has been deprecated
> [WARNING] /home/rhusar/git/as-master-modcluster/modcluster/src/main/java/org/jboss/as/modcluster/ModClusterDefinition.java:[137,21] warning: [deprecation] registerOperationHandler(java.lang.String,org.jboss.as.controller.OperationStepHandler,org.jboss.as.controller.descriptions.DescriptionProvider,boolean) in org.jboss.as.controller.registry.ManagementResourceRegistration has been deprecated
> [WARNING] /home/rhusar/git/as-master-modcluster/modcluster/src/main/java/org/jboss/as/modcluster/ModClusterDefinition.java:[140,21] warning: [deprecation] registerOperationHandler(java.lang.String,org.jboss.as.controller.OperationStepHandler,org.jboss.as.controller.descriptions.DescriptionProvider,boolean) in org.jboss.as.controller.registry.ManagementResourceRegistration has been deprecated
10 years, 7 months
[JBoss JIRA] (WFLY-379) Fix & re-enable ignored security tests
by Jason Greene (JIRA)
[ https://issues.jboss.org/browse/WFLY-379?page=com.atlassian.jira.plugin.s... ]
Jason Greene updated WFLY-379:
------------------------------
Fix Version/s: 10.0.0.Alpha3
(was: 10.0.0.Alpha2)
> Fix & re-enable ignored security tests
> --------------------------------------
>
> Key: WFLY-379
> URL: https://issues.jboss.org/browse/WFLY-379
> Project: WildFly
> Issue Type: Sub-task
> Components: Security
> Affects Versions: 8.0.0.Alpha1
> Environment: AS8 with undertow
> Reporter: Tomaz Cerar
> Assignee: Darran Lofthouse
> Fix For: 10.0.0.Alpha3
>
>
> AS8 with undertow fails a few security tests.
> This issue is here just for tracking what they are so they can be fixed.
> Still disabled tests:
> {noformat}
> SPNEGOLoginModuleTestCase
> AdvancedLdapLoginModuleTestCase
> StackingJASPITestCase
> {noformat}
10 years, 7 months
[JBoss JIRA] (WFLY-442) Review of AccessController and PrivilegedAction use across AS7
by Jason Greene (JIRA)
[ https://issues.jboss.org/browse/WFLY-442?page=com.atlassian.jira.plugin.s... ]
Jason Greene updated WFLY-442:
------------------------------
Fix Version/s: 10.0.0.Alpha3
(was: 10.0.0.Alpha2)
> Review of AccessController and PrivilegedAction use across AS7
> --------------------------------------------------------------
>
> Key: WFLY-442
> URL: https://issues.jboss.org/browse/WFLY-442
> Project: WildFly
> Issue Type: Task
> Components: Security
> Reporter: Darran Lofthouse
> Assignee: Darran Lofthouse
> Labels: investigation_required
> Fix For: 10.0.0.Alpha3
>
>
> The following needs reviewing across AS7: -
> - On demand instantiation of PrivilegedActions where singletons would suffice (Consider frequency of calls, gc may be preferable).
> - Use of AccessController even though there is no SecurityManager set.
> - Code duplication, in every case I have seen so far the code is the same regardless of if PRIVILEGED or NON_PRIVILEGED
> - Utility methods with visibility too high.
> - In depth review of the other methods, i.e. if the first thing a public method does is set the class loader based on a parameter passed in it could be used badly - it may even be a justification for that method to NOT use a PrivilegedAction.
> - Code that requires to be executed using a PrivilegedAction should also be double checked that it is not doing too much as the identity of the caller.
10 years, 7 months
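The review points listed in WFLY-442, sketched as an added example that is not part of the original message or of the WildFly code base. The class and method names are hypothetical, and the code uses the Java 7/8-era `SecurityManager` API the issue refers to, which newer JDKs mark as deprecated.

```java
import java.security.AccessController;
import java.security.PrivilegedAction;

// Added illustration with hypothetical names; not WildFly code.
// Package-private on purpose: code outside the package cannot borrow the privilege.
final class TcclActions {

    // Stateless action, so one shared instance replaces a per-call allocation.
    private static final PrivilegedAction<ClassLoader> GET_TCCL =
            new PrivilegedAction<ClassLoader>() {
                @Override
                public ClassLoader run() {
                    return Thread.currentThread().getContextClassLoader();
                }
            };

    private TcclActions() {
    }

    // Single dispatch point: the action body is written once and runs either
    // directly (no SecurityManager installed) or inside doPrivileged.
    private static <T> T run(PrivilegedAction<T> action) {
        return System.getSecurityManager() == null
                ? action.run()
                : AccessController.doPrivileged(action);
    }

    static ClassLoader getContextClassLoader() {
        return run(GET_TCCL);
    }

    // This action captures its argument, so it cannot be a singleton. It does
    // exactly one thing with the caller-supplied loader and nothing else runs
    // with the elevated rights.
    static void setContextClassLoader(final ClassLoader loader) {
        run(new PrivilegedAction<Void>() {
            @Override
            public Void run() {
                Thread.currentThread().setContextClassLoader(loader);
                return null;
            }
        });
    }

    public static void main(String[] args) {
        ClassLoader before = getContextClassLoader();
        setContextClassLoader(TcclActions.class.getClassLoader());
        System.out.println("TCCL before: " + before + ", now: " + getContextClassLoader());
    }
}
```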
[JBoss JIRA] (WFLY-431) Revisit enforcement of required file system permissions.
by Jason Greene (JIRA)
[ https://issues.jboss.org/browse/WFLY-431?page=com.atlassian.jira.plugin.s... ]
Jason Greene updated WFLY-431:
------------------------------
Fix Version/s: 10.0.0.Alpha3
(was: 10.0.0.Alpha2)
> Revisit enforcement of required file system permissions.
> --------------------------------------------------------
>
> Key: WFLY-431
> URL: https://issues.jboss.org/browse/WFLY-431
> Project: WildFly
> Issue Type: Task
> Components: Domain Management
> Reporter: Darran Lofthouse
> Assignee: Darran Lofthouse
> Labels: management_security,
> Fix For: 10.0.0.Alpha3
>
>
> Now that AS8 has moved to Java 7 we can re-visit the level of control we have over file system permissions; this can range from taking more control of the local authentication mechanism to ensure incorrect permissions are not inherited, to verifying sensitive configuration files are not world readable.
10 years, 7 months
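The two checks WFLY-431 mentions, written with the `java.nio.file` API that arrived in Java 7, as an added example that is not part of the original message or of the WildFly code base. The class, method and file names are hypothetical, the sample files are constructed in a temporary directory, and a POSIX file system is assumed.

```java
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.attribute.FileAttribute;
import java.nio.file.attribute.PosixFilePermission;
import java.nio.file.attribute.PosixFilePermissions;
import java.util.EnumSet;
import java.util.Set;

// Added illustration with hypothetical names; not WildFly code.
public final class SensitiveFileCheck {

    // Any of these bits on a sensitive file exposes it beyond its owner.
    private static final Set<PosixFilePermission> GROUP_OR_OTHER = EnumSet.of(
            PosixFilePermission.GROUP_READ, PosixFilePermission.GROUP_WRITE,
            PosixFilePermission.GROUP_EXECUTE, PosixFilePermission.OTHERS_READ,
            PosixFilePermission.OTHERS_WRITE, PosixFilePermission.OTHERS_EXECUTE);

    // Returns the offending permission bits; an empty set means owner-only.
    static Set<PosixFilePermission> excessPermissions(Path file) throws IOException {
        if (!file.getFileSystem().supportedFileAttributeViews().contains("posix")) {
            // Fail closed rather than report "fine" where the check cannot run.
            throw new UnsupportedOperationException("no POSIX attribute view: " + file);
        }
        Set<PosixFilePermission> excess = EnumSet.copyOf(GROUP_OR_OTHER);
        excess.retainAll(Files.getPosixFilePermissions(file));
        return excess;
    }

    // Creates the file with its final mode in the same call, so it never
    // exists with permissions inherited from the process umask.
    static Path createOwnerOnly(Path file) throws IOException {
        FileAttribute<Set<PosixFilePermission>> ownerOnly =
                PosixFilePermissions.asFileAttribute(
                        PosixFilePermissions.fromString("rw-------"));
        return Files.createFile(file, ownerOnly);
    }

    public static void main(String[] args) throws IOException {
        Path dir = Files.createTempDirectory("wfly431-demo");

        // Constructed sample: a config file left world readable.
        Path loose = Files.createFile(dir.resolve("sensitive.properties"));
        Files.setPosixFilePermissions(loose, PosixFilePermissions.fromString("rw-r--r--"));
        System.out.println(loose.getFileName() + " excess: " + excessPermissions(loose));

        // Constructed sample: a token file created owner-only from the start.
        Path token = createOwnerOnly(dir.resolve("auth.token"));
        System.out.println(token.getFileName() + " excess: " + excessPermissions(token));
    }
}
```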
[JBoss JIRA] (WFLY-421) Domain Mode JMX access through the HostController
by Jason Greene (JIRA)
[ https://issues.jboss.org/browse/WFLY-421?page=com.atlassian.jira.plugin.s... ]
Jason Greene updated WFLY-421:
------------------------------
Fix Version/s: 10.0.0.Alpha3
(was: 10.0.0.Alpha2)
> Domain Mode JMX access through the HostController
> -------------------------------------------------
>
> Key: WFLY-421
> URL: https://issues.jboss.org/browse/WFLY-421
> Project: WildFly
> Issue Type: Task
> Components: JMX, Remoting
> Reporter: Darran Lofthouse
> Assignee: Darran Lofthouse
> Labels: JMX, investigation_required
> Fix For: 10.0.0.Alpha3
>
>
> This task is first to review if this should be considered.
> At the moment access to JMX is provided through the remoting connector of each AS instance - this task is to consider if we should actually make it available through the host controller with the host controller acting as a proxy.
> The main motivation being to separate management and app traffic.
10 years, 7 months