September 2015 - jboss-jira - Jboss List Archives

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-297?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-297: --------------------------------- Summary: Account Lockout (was: Implement an account lockout mechanism for domain management.) > Account Lockout > --------------- > > Key: ELY-297 > URL: https://issues.jboss.org/browse/ELY-297 > Project: WildFly Elytron > Issue Type: Task > Components: HTTP, Realms, SASL > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Labels: Common_Authentication, Realm_Management, management_security, > > One issue to consider is that we are using realms to integrate with existing user stores so may not be able to update the remote store: - > - Consider an option to update the remote store if possible. > - If not cache a backlisted user until an admin unlocks that account > Before being implemented this feature will require further discussion, in additional to locking mechanisms for unlocking should also be considered and also the potentional for denail of service type attacks based on locking out the administrators. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

10 years, 7 months

1
0
0 / 0

[JBoss JIRA] (WFLY-4872) Add the Elytron subsystem to the feature packs

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/WFLY-4872?page=com.atlassian.jira.plugin.... ] Darran Lofthouse commented on WFLY-4872: ---------------------------------------- So far we create custom standalone-elytron.xml, host-elytron.xml and domain-elytron.xml configurations - at some point we will pull these changes into the actual configurations. > Add the Elytron subsystem to the feature packs > ---------------------------------------------- > > Key: WFLY-4872 > URL: https://issues.jboss.org/browse/WFLY-4872 > Project: WildFly > Issue Type: Sub-task > Components: Build System > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Fix For: 11.0.0.Alpha1 > > -- This message was sent by Atlassian JIRA (v6.4.11#64026)

10 years, 7 months

1
0
0 / 0

[JBoss JIRA] (WFLY-5431) Enable Elytron backed security for Undertow handled deployments.

by Darran Lofthouse (JIRA)

Darran Lofthouse created WFLY-5431: -------------------------------------- Summary: Enable Elytron backed security for Undertow handled deployments. Key: WFLY-5431 URL: https://issues.jboss.org/browse/WFLY-5431 Project: WildFly Issue Type: Sub-task Components: Web (Undertow) Reporter: Darran Lofthouse Assignee: Darran Lofthouse Fix For: 11.0.0.Alpha1 -- This message was sent by Atlassian JIRA (v6.4.11#64026)

10 years, 7 months

1
0
0 / 0

[JBoss JIRA] (WFLY-747) Dynamic Detection of SPNEGO auth method and adding of NegotiationAuthenticator

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/WFLY-747?page=com.atlassian.jira.plugin.s... ] Darran Lofthouse resolved WFLY-747. ----------------------------------- Fix Version/s: 10.0.0.Final (was: Awaiting Volunteers) Assignee: Darran Lofthouse Resolution: Duplicate Issue SPNEGO authentication has been added to WildFly 10 so no further special handling required. > Dynamic Detection of SPNEGO auth method and adding of NegotiationAuthenticator > ------------------------------------------------------------------------------ > > Key: WFLY-747 > URL: https://issues.jboss.org/browse/WFLY-747 > Project: WildFly > Issue Type: Task > Components: Security > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Fix For: 10.0.0.Final > > > Previously a mapping for the SPNEGO auth method and the authenticator had to be manually defined, this capability is not present in AS7 however it is suggested that alternatively we can detect the auth method ourselves and dynamically add the valve - this seems cleaner as it potentially allows SPNEGO to be added/removed from a server without manual configuration being required. > It is suggested to look at the following code for an example where a valve has been added dynamically before: - > org.jboss.as.jpa.processor.PersistenceUnitDeploymentProcessor in the JPA subsystem. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

10 years, 7 months

1
0
0 / 0

[JBoss JIRA] (WFLY-899) spelling mistakes in the management security domain should be logged better

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/WFLY-899?page=com.atlassian.jira.plugin.s... ] Darran Lofthouse resolved WFLY-899. ----------------------------------- Release Notes Text: Marking as out of date as across the application server we are moving to a new capability and requirement model to handle the dependencies between resources. The error reporting and level of any additional helpful messages to say suggest available alternatives should be a part of the general capabilities / requirements handling. Fix Version/s: 10.0.0.Final Resolution: Out of Date > spelling mistakes in the management security domain should be logged better > --------------------------------------------------------------------------- > > Key: WFLY-899 > URL: https://issues.jboss.org/browse/WFLY-899 > Project: WildFly > Issue Type: Feature Request > Components: Security, Server > Reporter: Tom Fonteyne > Assignee: Darran Lofthouse > Priority: Minor > Fix For: 10.0.0.Final > > > A spelling mistake in the management security domain prevents the server from starting (good) but the message in the log file is only stating: > [Host Controller] 08:35:37,672 FATAL [org.jboss.as.host.controller] (Controller Boot Thread) JBAS010933: Host Controller boot has failed in an unrecoverable manner; exiting. See previous messages for details. > There in fact no previous messages -- This message was sent by Atlassian JIRA (v6.4.11#64026)

10 years, 7 months

1
0
0 / 0

[JBoss JIRA] (WFLY-5154) DenyModulePermissionsTestCase, GrantModulePermissionsTestCase, LimitedModulePermissionsTestCase cannot deploy jar

by Marek Kopecký (JIRA)

[ https://issues.jboss.org/browse/WFLY-5154?page=com.atlassian.jira.plugin.... ] Marek Kopecký updated WFLY-5154: -------------------------------- Attachment: GrantModulePermissionsTestCase.stacktrace.txt > DenyModulePermissionsTestCase, GrantModulePermissionsTestCase, LimitedModulePermissionsTestCase cannot deploy jar > ----------------------------------------------------------------------------------------------------------------- > > Key: WFLY-5154 > URL: https://issues.jboss.org/browse/WFLY-5154 > Project: WildFly > Issue Type: Bug > Components: Test Suite > Reporter: Marek Kopecký > Assignee: Josef Cacek > Fix For: 10.0.0.CR2 > > Attachments: GrantModulePermissionsTestCase.stacktrace.txt > > > *Description of problem* > * org.jboss.as.testsuite.integration.secman.module.DenyModulePermissionsTestCase > ** fails with Cannot deploy: modperm-deny.jar > * org.jboss.as.testsuite.integration.secman.module.GrantModulePermissionsTestCase > ** fails with Cannot deploy: modperm-grant.jar > * org.jboss.as.testsuite.integration.secman.module.LimitedModulePermissionsTestCase > ** fails with Cannot deploy: modperm-limited.jar > *How reproducible* > * 15% > * OpenJDK, IBM JDK, Oracle JDK > * Solaris, Windows, RHEL > > *Expected results* > No failures in test case. > *Additional info* > See for server logs for DenyModulePermissionsTestCase in attachment -- This message was sent by Atlassian JIRA (v6.4.11#64026)

10 years, 7 months

1
0
0 / 0

[JBoss JIRA] (WFLY-5426) Data sources other than h2 cannot be added to domain servers

by Stefano Maestri (JIRA)

[ https://issues.jboss.org/browse/WFLY-5426?page=com.atlassian.jira.plugin.... ] Stefano Maestri commented on WFLY-5426: --------------------------------------- it's a regression of linked issue for hot deployed driver (not for module deplyed one) > Data sources other than h2 cannot be added to domain servers > ------------------------------------------------------------ > > Key: WFLY-5426 > URL: https://issues.jboss.org/browse/WFLY-5426 > Project: WildFly > Issue Type: Bug > Components: JCA > Affects Versions: 9.0.0.Final > Reporter: James Perkins > Assignee: Stefano Maestri > Priority: Blocker > Fix For: 10.0.0.Final > > > This seems to work okay with the h2 driver, but adding a postgres driver add operations fail. > The driver is deployed and is on the {{main-server-group}} which defaults to the {{full}} profile. > {code} > [domain@localhost:9990 /] /server-group=main-server-group:read-children-resources(child-type=deployment,recursive=true,include-runtime=true) > { > "outcome" => "success", > "result" => {"postgresql-9.4-1201.jdbc41.jar" => { > "enabled" => true, > "name" => "postgresql-9.4-1201.jdbc41.jar", > "runtime-name" => "postgresql-9.4-1201.jdbc41.jar" > }} > } > {code} > Attempting to add the data source results in the following error: > {code} > [domain@localhost:9990 /] /profile=full/subsystem=datasources/data-source=test-pg:add(driver-name=postgresql-9.4-1201.jdbc41.jar, connection-url=jdbc:postgresql://localhost:test,user-name=user,password=password, jndi-name=java:jboss/datasources/test-pg) > { > "outcome" => "failed", > "result" => undefined, > "failure-description" => {"WFLYDC0074: Operation failed or was rolled back on all servers. Server failures:" => {"server-group" => {"main-server-group" => {"host" => {"master" => { > "server-one" => {"WFLYCTL0080: Failed services" => {"jboss.data-source.java:jboss/datasources/test-pg" => "org.jboss.msc.service.StartException in service jboss.data-source.java:jboss/datasources/test-pg: WFLYJCA0033: Error during the deployment of test-pg > Caused by: org.jboss.msc.service.StartException in anonymous service: WFLYJCA0032: Unable to start the ds because it generated more than one cf"}}, > "server-two" => {"WFLYCTL0080: Failed services" => {"jboss.data-source.java:jboss/datasources/test-pg" => "org.jboss.msc.service.StartException in service jboss.data-source.java:jboss/datasources/test-pg: WFLYJCA0033: Error during the deployment of test-pg > Caused by: org.jboss.msc.service.StartException in anonymous service: WFLYJCA0032: Unable to start the ds because it generated more than one cf"}} > }}}}}}, > "rolled-back" => true, > "server-groups" => {"main-server-group" => {"host" => {"master" => { > "server-one" => {"response" => { > "outcome" => "failed", > "failure-description" => {"WFLYCTL0080: Failed services" => {"jboss.data-source.java:jboss/datasources/test-pg" => "org.jboss.msc.service.StartException in service jboss.data-source.java:jboss/datasources/test-pg: WFLYJCA0033: Error during the deployment of test-pg > Caused by: org.jboss.msc.service.StartException in anonymous service: WFLYJCA0032: Unable to start the ds because it generated more than one cf"}}, > "rolled-back" => true > }}, > "server-two" => {"response" => { > "outcome" => "failed", > "failure-description" => {"WFLYCTL0080: Failed services" => {"jboss.data-source.java:jboss/datasources/test-pg" => "org.jboss.msc.service.StartException in service jboss.data-source.java:jboss/datasources/test-pg: WFLYJCA0033: Error during the deployment of test-pg > Caused by: org.jboss.msc.service.StartException in anonymous service: WFLYJCA0032: Unable to start the ds because it generated more than one cf"}}, > "rolled-back" => true > }} > }}}} > } > {code} -- This message was sent by Atlassian JIRA (v6.4.11#64026)

10 years, 7 months

1
0
0 / 0

[JBoss JIRA] (WFLY-755) Security Realm Plug-Ins to provide their own configuration parsers.

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/WFLY-755?page=com.atlassian.jira.plugin.s... ] Darran Lofthouse resolved WFLY-755. ----------------------------------- Release Notes Text: Elytron is bringing custom realm definitions which will be replacing the use of plug-ins Fix Version/s: 10.0.0.Final (was: Awaiting Volunteers) Assignee: Darran Lofthouse Resolution: Out of Date > Security Realm Plug-Ins to provide their own configuration parsers. > ------------------------------------------------------------------- > > Key: WFLY-755 > URL: https://issues.jboss.org/browse/WFLY-755 > Project: WildFly > Issue Type: Task > Components: Domain Management, Security > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Fix For: 10.0.0.Final > > > Security realm plug-ins are currently configured with name / value pairs - to make plug-ins easier to use by those that did not implement them we should consider allowing a custom XML parser to allow new configuration elements to be defined. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

10 years, 7 months

1
0
0 / 0

[JBoss JIRA] (DROOLS-933) Allow to optionally pass a dependency filter when creating KieModuleMetaData

by Mario Fusco (JIRA)

Mario Fusco created DROOLS-933: ---------------------------------- Summary: Allow to optionally pass a dependency filter when creating KieModuleMetaData Key: DROOLS-933 URL: https://issues.jboss.org/browse/DROOLS-933 Project: Drools Issue Type: Feature Request Reporter: Mario Fusco Assignee: Mario Fusco When creating the meta data for a given KieModule it is required to optionally filter its dependencies with the following filtering interface: {code} public interface DependencyFilter { boolean accept(ReleaseId releaseId, String scope); } {code} -- This message was sent by Atlassian JIRA (v6.4.11#64026)

10 years, 7 months

1
0
0 / 0

[JBoss JIRA] (WFLY-5154) DenyModulePermissionsTestCase, GrantModulePermissionsTestCase, LimitedModulePermissionsTestCase cannot deploy jar

by Marek Kopecký (JIRA)

[ https://issues.jboss.org/browse/WFLY-5154?page=com.atlassian.jira.plugin.... ] Marek Kopecký reopened WFLY-5154: --------------------------------- This issue is still valid in wildfly 10.0.0.CR2 > DenyModulePermissionsTestCase, GrantModulePermissionsTestCase, LimitedModulePermissionsTestCase cannot deploy jar > ----------------------------------------------------------------------------------------------------------------- > > Key: WFLY-5154 > URL: https://issues.jboss.org/browse/WFLY-5154 > Project: WildFly > Issue Type: Bug > Components: Test Suite > Reporter: Marek Kopecký > Assignee: Josef Cacek > Fix For: 10.0.0.CR2 > > > *Description of problem* > * org.jboss.as.testsuite.integration.secman.module.DenyModulePermissionsTestCase > ** fails with Cannot deploy: modperm-deny.jar > * org.jboss.as.testsuite.integration.secman.module.GrantModulePermissionsTestCase > ** fails with Cannot deploy: modperm-grant.jar > * org.jboss.as.testsuite.integration.secman.module.LimitedModulePermissionsTestCase > ** fails with Cannot deploy: modperm-limited.jar > *How reproducible* > * 15% > * OpenJDK, IBM JDK, Oracle JDK > * Solaris, Windows, RHEL > > *Expected results* > No failures in test case. > *Additional info* > See for server logs for DenyModulePermissionsTestCase in attachment -- This message was sent by Atlassian JIRA (v6.4.11#64026)

10 years, 7 months

1
0
0 / 0

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira September 2015