September 2015 - jboss-jira - Jboss List Archives

[JBoss JIRA] (ELY-232) AuthorizeCallback shall be last

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-232?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-232: --------------------------------- Fix Version/s: 1.1.0.Alpha2 (was: 1.1.0.Alpha1) > AuthorizeCallback shall be last > ------------------------------- > > Key: ELY-232 > URL: https://issues.jboss.org/browse/ELY-232 > Project: WildFly Elytron > Issue Type: Bug > Components: SASL > Reporter: David Lloyd > Fix For: 1.1.0.Alpha2 > > > Go through each SASL server mechanism and ensure that AuthorizeCallback is checked last (after credential/password verification, user name assignment, realm checks, etc.). -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 7 months

1
0
0 / 0

[JBoss JIRA] (ELY-251) More certain credential based mechanism selection.

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-251?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-251: --------------------------------- Fix Version/s: 1.1.0.Alpha2 (was: 1.1.0.Alpha1) > More certain credential based mechanism selection. > -------------------------------------------------- > > Key: ELY-251 > URL: https://issues.jboss.org/browse/ELY-251 > Project: WildFly Elytron > Issue Type: Task > Components: SASL > Reporter: Darran Lofthouse > Fix For: 1.1.0.Alpha2 > > > When filtering authentication mechanisms we need to really be able to offer two modes: - > 1 - Only offer a mech if we are sure it is supported. > Risks only offering a weaker mechanism in a mixed domain but also eliminates mechanisms that could fail for a valid user that just happens to have a different credential type. > 2- More general support. > i.e. offer the mechs that may be supported. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 7 months

1
0
0 / 0

[JBoss JIRA] (ELY-54) Support for stronger hashes as alternatives to MD5

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-54?page=com.atlassian.jira.plugin.sys... ] Darran Lofthouse updated ELY-54: -------------------------------- Fix Version/s: 1.1.0.Alpha2 (was: 1.1.0.Alpha1) > Support for stronger hashes as alternatives to MD5 > -------------------------------------------------- > > Key: ELY-54 > URL: https://issues.jboss.org/browse/ELY-54 > Project: WildFly Elytron > Issue Type: Feature Request > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Fix For: 1.1.0.Alpha2 > > > Presently Digest authentication is based on MD5 - however we should either update the mechanism or add new mechanisms to support the use of stronger hashes. > As this library is used both client and server side installations that require the stronger hashes can just ensure the client and server have the latest version of this library - installations that still require interaction with MD5 will need to ensure that it is still available as a mechanism. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 7 months

1
0
0 / 0

[JBoss JIRA] (ELY-95) Password types should generate a salt if none is given

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-95?page=com.atlassian.jira.plugin.sys... ] Darran Lofthouse updated ELY-95: -------------------------------- Fix Version/s: 1.1.0.Alpha2 (was: 1.1.0.Alpha1) > Password types should generate a salt if none is given > ------------------------------------------------------ > > Key: ELY-95 > URL: https://issues.jboss.org/browse/ELY-95 > Project: WildFly Elytron > Issue Type: Enhancement > Components: Passwords > Reporter: David Lloyd > Fix For: 1.1.0.Alpha2 > > > Password types such as {{crypt-md5}} should be able to generate a password from a {{ClearPasswordSpec}} by generating a simple random salt. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 7 months

1
0
0 / 0

[JBoss JIRA] (ELY-154) Session based DigestCredential support

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-154?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-154: --------------------------------- Fix Version/s: 1.1.0.Alpha2 (was: 1.1.0.Alpha1) > Session based DigestCredential support > -------------------------------------- > > Key: ELY-154 > URL: https://issues.jboss.org/browse/ELY-154 > Project: WildFly Elytron > Issue Type: Sub-task > Components: Passwords > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Fix For: 1.1.0.Alpha2 > > > DigestCredential but where additional information is included such as nonce and cnonce to create a credential applicable to a session. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 7 months

1
0
0 / 0

[JBoss JIRA] (ELY-299) Add getCredentialSupport methods that taks the credential type as an argument.

by Darran Lofthouse (JIRA)

Darran Lofthouse created ELY-299: ------------------------------------ Summary: Add getCredentialSupport methods that taks the credential type as an argument. Key: ELY-299 URL: https://issues.jboss.org/browse/ELY-299 Project: WildFly Elytron Issue Type: Enhancement Components: API / SPI Reporter: Darran Lofthouse Assignee: Darran Lofthouse Fix For: 1.1.0.Alpha1 In ELY-282 getCredentialSupport is being switched to check based on credential name, however at the mechanism level there is still a need to know that the correct type can also be obtained as a mechanism is also dependent on the type. If we add getCredentialSupport(String credentialName, Class<?> credentialType) we can convert the methods that just take credential name to be default methods that call getCredentialSupport(credentialName, Object.class); -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 7 months

1
0
0 / 0

[JBoss JIRA] (WFLY-5179) Some tests are unable to init arquillian protocol with security manager

by Gytis Trikleris (JIRA)

[ https://issues.jboss.org/browse/WFLY-5179?page=com.atlassian.jira.plugin.... ] Gytis Trikleris commented on WFLY-5179: --------------------------------------- Just to let you know, I'm updating RTS and XTS tests to work with security manager: https://github.com/gytis/jboss-as/commit/6799626bff25cd40fe1f0a68e94b72c1... I have to push changed to the Narayana code base first. But after that, I'll push test changes to WildFly upstream too. > Some tests are unable to init arquillian protocol with security manager > ----------------------------------------------------------------------- > > Key: WFLY-5179 > URL: https://issues.jboss.org/browse/WFLY-5179 > Project: WildFly > Issue Type: Bug > Components: Test Suite > Reporter: Marek Kopecký > Assignee: Ondrej Kotek > > *Description of problem:* > Some tests are unable to init arquillian protocol with security manager. > *Affected tests found so far:* > * org.jboss.as.test.integration.ee.injection.resource.ejblocalref.EjbLocalRefInjectionTestCase#testEjbLink > * org.jboss.as.test.integration.ee.injection.resource.ejblocalref.EjbLocalRefInjectionTestCase#testLookup > * org.jboss.as.test.integration.ee.injection.resource.enventry.EnvEntryInjectionTestCase#testEnvEntryInjectionIntoServlet > * org.jboss.as.test.integration.ejb.security.AuthenticationTestCase > * org.jboss.as.test.xts.annotation.client.TransactionalTestCase#testNoTransaction > * org.jboss.as.test.xts.annotation.client.TransactionalTestCase#testActiveTransaction > *How reproducible:* > Always. > *Steps to Reproduce:* > # ./integration-tests.sh -fae -Dmaven.test.failure.ignore=true -Dnode0=$MYTESTIP_1 -Dnode1=$MYTESTIP_2 -DfailIfNoTests=false -Dsecurity.manager -Dts.basic -Dts.noSmoke -Dtest=EjbLocalRefInjectionTestCase > *Actual results:* > {noformat} > java.lang.RuntimeException: Could not init arquillian protocol > at org.xnio.Xnio.doGetInstance(Xnio.java:238) > at org.xnio.Xnio.getInstance(Xnio.java:193) > at org.jboss.remoting3.Remoting.createEndpoint(Remoting.java:112) > at org.jboss.as.controller.client.impl.RemotingModelControllerClient.getOrCreateChannel(RemotingModelControllerClient.java:122) > at org.jboss.as.controller.client.impl.RemotingModelControllerClient$1.getChannel(RemotingModelControllerClient.java:65) > at org.jboss.as.protocol.mgmt.ManagementChannelHandler.executeRequest(ManagementChannelHandler.java:147) > at org.jboss.as.protocol.mgmt.ManagementChannelHandler.executeRequest(ManagementChannelHandler.java:122) > at org.jboss.as.controller.client.impl.AbstractModelControllerClient.executeRequest(AbstractModelControllerClient.java:263) > at org.jboss.as.controller.client.impl.AbstractModelControllerClient.execute(AbstractModelControllerClient.java:168) > at org.jboss.as.controller.client.impl.AbstractModelControllerClient.executeForResult(AbstractModelControllerClient.java:147) > at org.jboss.as.controller.client.impl.AbstractModelControllerClient.execute(AbstractModelControllerClient.java:75) > at org.jboss.as.arquillian.container.ManagementClient.init(ManagementClient.java:140) > at org.jboss.as.arquillian.container.ManagementClient.getWebUri(ManagementClient.java:177) > at org.jboss.as.test.integration.ee.injection.resource.ejblocalref.EjbLocalRefInjectionTestCase.performCall(EjbLocalRefInjectionTestCase.java:62) > at org.jboss.as.test.integration.ee.injection.resource.ejblocalref.EjbLocalRefInjectionTestCase.testEjbLink(EjbLocalRefInjectionTestCase.java:73) > {noformat} -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 7 months

1
0
0 / 0

[JBoss JIRA] (WFLY-5428) Xml files from wildfly don't end with "new line character"

by Tomaz Cerar (JIRA)

[ https://issues.jboss.org/browse/WFLY-5428?page=com.atlassian.jira.plugin.... ] Tomaz Cerar reassigned WFLY-5428: --------------------------------- Assignee: Tomaz Cerar (was: Paul Gier) > Xml files from wildfly don't end with "new line character" > ---------------------------------------------------------- > > Key: WFLY-5428 > URL: https://issues.jboss.org/browse/WFLY-5428 > Project: WildFly > Issue Type: Bug > Components: Build System > Affects Versions: 10.0.0.CR2 > Reporter: Marek Kopecký > Assignee: Tomaz Cerar > > *Description of problem:* > * Some of xml files from *wildfly* don't end with "new line character". > * Each xml file should end with "new line character", because of posix standard: > ** http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap03.html#t... > * List of affected files: > ** ./docs/examples/configs/standalone-gossip-ha.xml > ** ./docs/examples/configs/standalone-ec2-ha.xml > ** ./docs/examples/configs/standalone-picketlink.xml > ** ./docs/examples/configs/standalone-ec2-full-ha.xml > ** ./docs/examples/configs/standalone-rts.xml > ** ./docs/examples/configs/standalone-jts.xml > ** ./docs/examples/configs/standalone-xts.xml > ** ./docs/examples/configs/standalone-genericjms.xml > ** ./docs/examples/configs/standalone-gossip-full-ha.xml > ** ./standalone/configuration/standalone.xml > ** ./standalone/configuration/standalone-ha.xml > ** ./standalone/configuration/standalone-full.xml > ** ./standalone/configuration/standalone-full-ha.xml > *How reproducible:* > Always > *Steps to Reproduce:* > # cd EAP_HOME > # {noformat} > for xml in `find -type f | grep xml$`; do > if [ "`cat -E $xml | tail -n 1 |grep -o '.$'`" != "$" ] ; then > echo $xml > fi > done > {noformat} -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 7 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-1021) Xml files from wildfly-core don't end with "new line character"

by Tomaz Cerar (JIRA)

[ https://issues.jboss.org/browse/WFCORE-1021?page=com.atlassian.jira.plugi... ] Tomaz Cerar reassigned WFCORE-1021: ----------------------------------- Assignee: Tomaz Cerar (was: Paul Gier) > Xml files from wildfly-core don't end with "new line character" > --------------------------------------------------------------- > > Key: WFCORE-1021 > URL: https://issues.jboss.org/browse/WFCORE-1021 > Project: WildFly Core > Issue Type: Bug > Components: Server > Affects Versions: 2.0.0.CR5 > Reporter: Marek Kopecký > Assignee: Tomaz Cerar > > *Description of problem:* > * Some of xml files from *wildfly-core* don't end with "new line character". > * Each xml file should end with "new line character", because of posix standard: > ** http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap03.html#t... > * List of affected files: > ** ./modules/system/layers/base/org/wildfly/security/elytron/main/module.xml > ** ./domain/configuration/host.xml > ** ./domain/configuration/domain.xml > ** ./domain/configuration/host-slave.xml > ** ./domain/configuration/host-master.xml > ** ./standalone/configuration/standalone.xml > *How reproducible:* > Always > *Steps to Reproduce:* > # cd EAP_HOME > # {noformat} > for xml in `find -type f | grep xml$`; do > if [ "`cat -E $xml | tail -n 1 |grep -o '.$'`" != "$" ] ; then > echo $xml > fi > done > {noformat} -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 7 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-708) Need to configure JAAS for host controller in host.xml

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/WFCORE-708?page=com.atlassian.jira.plugin... ] Darran Lofthouse resolved WFCORE-708. ------------------------------------- Fix Version/s: 2.0.0.CR6 Assignee: Darran Lofthouse Resolution: Won't Fix With ongoing changes this is not something we are planning to develop further. > Need to configure JAAS for host controller in host.xml > ------------------------------------------------------ > > Key: WFCORE-708 > URL: https://issues.jboss.org/browse/WFCORE-708 > Project: WildFly Core > Issue Type: Feature Request > Components: Domain Management, Security > Reporter: Hisanobu Okuda > Assignee: Darran Lofthouse > Fix For: 2.0.0.CR6 > > > I want to configure an advanced authentication for host controller as follow:- > (1) perform authentication against LDAP > (2) if (1) fails, perform authentication against properties file > To do this in domain mode, I need to set up a legacy JAAS config file and specify it via java.security.auth.login.config system property. It spoils maintainability and security of EAP6 in terms of:- > 1. unable to maintain it using jboss-cli.sh > 2. unable to use the vault feature for it -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 7 months

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira September 2015