[JBoss JIRA] (ELY-251) More certain credential based mechanism selection.
by Darran Lofthouse (JIRA)
[ https://issues.jboss.org/browse/ELY-251?page=com.atlassian.jira.plugin.sy... ]
Darran Lofthouse updated ELY-251:
---------------------------------
Fix Version/s: 1.1.0.Alpha2
(was: 1.1.0.Alpha1)
> More certain credential based mechanism selection.
> --------------------------------------------------
>
> Key: ELY-251
> URL: https://issues.jboss.org/browse/ELY-251
> Project: WildFly Elytron
> Issue Type: Task
> Components: SASL
> Reporter: Darran Lofthouse
> Fix For: 1.1.0.Alpha2
>
>
> When filtering authentication mechanisms we need to really be able to offer two modes: -
> 1 - Only offer a mech if we are sure it is supported.
> Risks only offering a weaker mechanism in a mixed domain but also eliminates mechanisms that could fail for a valid user that just happens to have a different credential type.
> 2- More general support.
> i.e. offer the mechs that may be supported.
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
8 years, 7 months
[JBoss JIRA] (ELY-54) Support for stronger hashes as alternatives to MD5
by Darran Lofthouse (JIRA)
[ https://issues.jboss.org/browse/ELY-54?page=com.atlassian.jira.plugin.sys... ]
Darran Lofthouse updated ELY-54:
--------------------------------
Fix Version/s: 1.1.0.Alpha2
(was: 1.1.0.Alpha1)
> Support for stronger hashes as alternatives to MD5
> --------------------------------------------------
>
> Key: ELY-54
> URL: https://issues.jboss.org/browse/ELY-54
> Project: WildFly Elytron
> Issue Type: Feature Request
> Reporter: Darran Lofthouse
> Assignee: Darran Lofthouse
> Fix For: 1.1.0.Alpha2
>
>
> Presently Digest authentication is based on MD5 - however we should either update the mechanism or add new mechanisms to support the use of stronger hashes.
> As this library is used both client and server side installations that require the stronger hashes can just ensure the client and server have the latest version of this library - installations that still require interaction with MD5 will need to ensure that it is still available as a mechanism.
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
8 years, 7 months
[JBoss JIRA] (ELY-299) Add getCredentialSupport methods that taks the credential type as an argument.
by Darran Lofthouse (JIRA)
Darran Lofthouse created ELY-299:
------------------------------------
Summary: Add getCredentialSupport methods that taks the credential type as an argument.
Key: ELY-299
URL: https://issues.jboss.org/browse/ELY-299
Project: WildFly Elytron
Issue Type: Enhancement
Components: API / SPI
Reporter: Darran Lofthouse
Assignee: Darran Lofthouse
Fix For: 1.1.0.Alpha1
In ELY-282 getCredentialSupport is being switched to check based on credential name, however at the mechanism level there is still a need to know that the correct type can also be obtained as a mechanism is also dependent on the type.
If we add getCredentialSupport(String credentialName, Class<?> credentialType) we can convert the methods that just take credential name to be default methods that call getCredentialSupport(credentialName, Object.class);
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
8 years, 7 months
[JBoss JIRA] (WFLY-5179) Some tests are unable to init arquillian protocol with security manager
by Gytis Trikleris (JIRA)
[ https://issues.jboss.org/browse/WFLY-5179?page=com.atlassian.jira.plugin.... ]
Gytis Trikleris commented on WFLY-5179:
---------------------------------------
Just to let you know, I'm updating RTS and XTS tests to work with security manager: https://github.com/gytis/jboss-as/commit/6799626bff25cd40fe1f0a68e94b72c1...
I have to push changed to the Narayana code base first. But after that, I'll push test changes to WildFly upstream too.
> Some tests are unable to init arquillian protocol with security manager
> -----------------------------------------------------------------------
>
> Key: WFLY-5179
> URL: https://issues.jboss.org/browse/WFLY-5179
> Project: WildFly
> Issue Type: Bug
> Components: Test Suite
> Reporter: Marek Kopecký
> Assignee: Ondrej Kotek
>
> *Description of problem:*
> Some tests are unable to init arquillian protocol with security manager.
> *Affected tests found so far:*
> * org.jboss.as.test.integration.ee.injection.resource.ejblocalref.EjbLocalRefInjectionTestCase#testEjbLink
> * org.jboss.as.test.integration.ee.injection.resource.ejblocalref.EjbLocalRefInjectionTestCase#testLookup
> * org.jboss.as.test.integration.ee.injection.resource.enventry.EnvEntryInjectionTestCase#testEnvEntryInjectionIntoServlet
> * org.jboss.as.test.integration.ejb.security.AuthenticationTestCase
> * org.jboss.as.test.xts.annotation.client.TransactionalTestCase#testNoTransaction
> * org.jboss.as.test.xts.annotation.client.TransactionalTestCase#testActiveTransaction
> *How reproducible:*
> Always.
> *Steps to Reproduce:*
> # ./integration-tests.sh -fae -Dmaven.test.failure.ignore=true -Dnode0=$MYTESTIP_1 -Dnode1=$MYTESTIP_2 -DfailIfNoTests=false -Dsecurity.manager -Dts.basic -Dts.noSmoke -Dtest=EjbLocalRefInjectionTestCase
> *Actual results:*
> {noformat}
> java.lang.RuntimeException: Could not init arquillian protocol
> at org.xnio.Xnio.doGetInstance(Xnio.java:238)
> at org.xnio.Xnio.getInstance(Xnio.java:193)
> at org.jboss.remoting3.Remoting.createEndpoint(Remoting.java:112)
> at org.jboss.as.controller.client.impl.RemotingModelControllerClient.getOrCreateChannel(RemotingModelControllerClient.java:122)
> at org.jboss.as.controller.client.impl.RemotingModelControllerClient$1.getChannel(RemotingModelControllerClient.java:65)
> at org.jboss.as.protocol.mgmt.ManagementChannelHandler.executeRequest(ManagementChannelHandler.java:147)
> at org.jboss.as.protocol.mgmt.ManagementChannelHandler.executeRequest(ManagementChannelHandler.java:122)
> at org.jboss.as.controller.client.impl.AbstractModelControllerClient.executeRequest(AbstractModelControllerClient.java:263)
> at org.jboss.as.controller.client.impl.AbstractModelControllerClient.execute(AbstractModelControllerClient.java:168)
> at org.jboss.as.controller.client.impl.AbstractModelControllerClient.executeForResult(AbstractModelControllerClient.java:147)
> at org.jboss.as.controller.client.impl.AbstractModelControllerClient.execute(AbstractModelControllerClient.java:75)
> at org.jboss.as.arquillian.container.ManagementClient.init(ManagementClient.java:140)
> at org.jboss.as.arquillian.container.ManagementClient.getWebUri(ManagementClient.java:177)
> at org.jboss.as.test.integration.ee.injection.resource.ejblocalref.EjbLocalRefInjectionTestCase.performCall(EjbLocalRefInjectionTestCase.java:62)
> at org.jboss.as.test.integration.ee.injection.resource.ejblocalref.EjbLocalRefInjectionTestCase.testEjbLink(EjbLocalRefInjectionTestCase.java:73)
> {noformat}
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
8 years, 7 months
[JBoss JIRA] (WFLY-5428) Xml files from wildfly don't end with "new line character"
by Tomaz Cerar (JIRA)
[ https://issues.jboss.org/browse/WFLY-5428?page=com.atlassian.jira.plugin.... ]
Tomaz Cerar reassigned WFLY-5428:
---------------------------------
Assignee: Tomaz Cerar (was: Paul Gier)
> Xml files from wildfly don't end with "new line character"
> ----------------------------------------------------------
>
> Key: WFLY-5428
> URL: https://issues.jboss.org/browse/WFLY-5428
> Project: WildFly
> Issue Type: Bug
> Components: Build System
> Affects Versions: 10.0.0.CR2
> Reporter: Marek Kopecký
> Assignee: Tomaz Cerar
>
> *Description of problem:*
> * Some of xml files from *wildfly* don't end with "new line character".
> * Each xml file should end with "new line character", because of posix standard:
> ** http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap03.html#t...
> * List of affected files:
> ** ./docs/examples/configs/standalone-gossip-ha.xml
> ** ./docs/examples/configs/standalone-ec2-ha.xml
> ** ./docs/examples/configs/standalone-picketlink.xml
> ** ./docs/examples/configs/standalone-ec2-full-ha.xml
> ** ./docs/examples/configs/standalone-rts.xml
> ** ./docs/examples/configs/standalone-jts.xml
> ** ./docs/examples/configs/standalone-xts.xml
> ** ./docs/examples/configs/standalone-genericjms.xml
> ** ./docs/examples/configs/standalone-gossip-full-ha.xml
> ** ./standalone/configuration/standalone.xml
> ** ./standalone/configuration/standalone-ha.xml
> ** ./standalone/configuration/standalone-full.xml
> ** ./standalone/configuration/standalone-full-ha.xml
> *How reproducible:*
> Always
> *Steps to Reproduce:*
> # cd EAP_HOME
> # {noformat}
> for xml in `find -type f | grep xml$`; do
> if [ "`cat -E $xml | tail -n 1 |grep -o '.$'`" != "$" ] ; then
> echo $xml
> fi
> done
> {noformat}
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
8 years, 7 months
[JBoss JIRA] (WFCORE-1021) Xml files from wildfly-core don't end with "new line character"
by Tomaz Cerar (JIRA)
[ https://issues.jboss.org/browse/WFCORE-1021?page=com.atlassian.jira.plugi... ]
Tomaz Cerar reassigned WFCORE-1021:
-----------------------------------
Assignee: Tomaz Cerar (was: Paul Gier)
> Xml files from wildfly-core don't end with "new line character"
> ---------------------------------------------------------------
>
> Key: WFCORE-1021
> URL: https://issues.jboss.org/browse/WFCORE-1021
> Project: WildFly Core
> Issue Type: Bug
> Components: Server
> Affects Versions: 2.0.0.CR5
> Reporter: Marek Kopecký
> Assignee: Tomaz Cerar
>
> *Description of problem:*
> * Some of xml files from *wildfly-core* don't end with "new line character".
> * Each xml file should end with "new line character", because of posix standard:
> ** http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap03.html#t...
> * List of affected files:
> ** ./modules/system/layers/base/org/wildfly/security/elytron/main/module.xml
> ** ./domain/configuration/host.xml
> ** ./domain/configuration/domain.xml
> ** ./domain/configuration/host-slave.xml
> ** ./domain/configuration/host-master.xml
> ** ./standalone/configuration/standalone.xml
> *How reproducible:*
> Always
> *Steps to Reproduce:*
> # cd EAP_HOME
> # {noformat}
> for xml in `find -type f | grep xml$`; do
> if [ "`cat -E $xml | tail -n 1 |grep -o '.$'`" != "$" ] ; then
> echo $xml
> fi
> done
> {noformat}
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
8 years, 7 months
[JBoss JIRA] (WFCORE-708) Need to configure JAAS for host controller in host.xml
by Darran Lofthouse (JIRA)
[ https://issues.jboss.org/browse/WFCORE-708?page=com.atlassian.jira.plugin... ]
Darran Lofthouse resolved WFCORE-708.
-------------------------------------
Fix Version/s: 2.0.0.CR6
Assignee: Darran Lofthouse
Resolution: Won't Fix
With ongoing changes this is not something we are planning to develop further.
> Need to configure JAAS for host controller in host.xml
> ------------------------------------------------------
>
> Key: WFCORE-708
> URL: https://issues.jboss.org/browse/WFCORE-708
> Project: WildFly Core
> Issue Type: Feature Request
> Components: Domain Management, Security
> Reporter: Hisanobu Okuda
> Assignee: Darran Lofthouse
> Fix For: 2.0.0.CR6
>
>
> I want to configure an advanced authentication for host controller as follow:-
> (1) perform authentication against LDAP
> (2) if (1) fails, perform authentication against properties file
> To do this in domain mode, I need to set up a legacy JAAS config file and specify it via java.security.auth.login.config system property. It spoils maintainability and security of EAP6 in terms of:-
> 1. unable to maintain it using jboss-cli.sh
> 2. unable to use the vault feature for it
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
8 years, 7 months