[JBoss JIRA] (WFLY-6002) Listener secure attribute doesn't work as expected
by Stuart Douglas (JIRA)
[ https://issues.jboss.org/browse/WFLY-6002?page=com.atlassian.jira.plugin.... ]
Stuart Douglas resolved WFLY-6002.
----------------------------------
Fix Version/s: 10.0.0.Final
Resolution: Done
> Listener secure attribute doesn't work as expected
> --------------------------------------------------
>
> Key: WFLY-6002
> URL: https://issues.jboss.org/browse/WFLY-6002
> Project: WildFly
> Issue Type: Bug
> Components: Web (Undertow)
> Affects Versions: 10.0.0.CR5
> Reporter: Radim Hatlapatka
> Assignee: Stuart Douglas
> Fix For: 10.0.0.Final
>
> Attachments: confidential.war
>
>
> When setting {{secure}} attributed on {{http-listener}} and deploying web application which requires secured connection ({{<transport-guarantee>CONFIDENTIAL</transport-guarantee>}}. The web application should be accessible even from the {{http}} as the listener is defined as secured, but instead it results to redirect to https (when having redirect-socket defined) or to internal server error (when no redirect-socket).
> Steps to reproduce:
> # start eap and deploy attached confidential.war
> # configure http-listener default as secured => /subsystem=undertow/server=default-server/http-listener=default:write-attribute(name=secure, value=true)
> # reload the server
> # go to http://127.0.0.1:8080/confidential/index.jsp
> # you should get 200 response code, still you get 302, which is not correct as the listener is defined as secured
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
8 years, 2 months
[JBoss JIRA] (WFLY-288) SecurityDomainJndiInjectable should allow "java:/jaas" prefixed security domain on demand
by Anil Saldanha (JIRA)
[ https://issues.jboss.org/browse/WFLY-288?page=com.atlassian.jira.plugin.s... ]
Anil Saldanha commented on WFLY-288:
------------------------------------
Gentlemen - why not just close this JIRA issue as out of date?
With each release, I get an email of this JIRA issue getting punted. :-)
> SecurityDomainJndiInjectable should allow "java:/jaas" prefixed security domain on demand
> -----------------------------------------------------------------------------------------
>
> Key: WFLY-288
> URL: https://issues.jboss.org/browse/WFLY-288
> Project: WildFly
> Issue Type: Feature Request
> Components: Security
> Reporter: Anil Saldanha
> Assignee: Stefan Guilhen
> Fix For: 10.1.0.Final
>
>
> Currently, security domain strings of the form "java:/jaas/sd" are not resolving properly. IMO we should allow users to deploy applications on AS4,5,6,7 if they need to.
> So have a flag inside the SecurityDomainJndiInjectable class that is turned off by default. If you turn it on, then "java:/jaas" is unprefixed if present.
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
8 years, 2 months
[JBoss JIRA] (WFLY-459) javassist should also be exported to Hibernate (native) applications
by Jason Greene (JIRA)
[ https://issues.jboss.org/browse/WFLY-459?page=com.atlassian.jira.plugin.s... ]
Jason Greene updated WFLY-459:
------------------------------
Fix Version/s: 10.1.0.Final
(was: 10.0.0.Final)
> javassist should also be exported to Hibernate (native) applications
> --------------------------------------------------------------------
>
> Key: WFLY-459
> URL: https://issues.jboss.org/browse/WFLY-459
> Project: WildFly
> Issue Type: Task
> Components: JPA / Hibernate
> Reporter: Scott Marlow
> Assignee: Scott Marlow
> Fix For: 10.1.0.Final
>
>
> Originally this jira was to stop exporting the javassist module to JPA deployments but it turns out that is fine to do. In addition, native Hibernate applications that depend on Hibernate, should also get the javassist dependency.
> # native Hibernate applications will get the javassist dependency via the application dependency on org.hibernate.
> # container managed JPA applications will get the javassist dependency via org.jboss.as.jpa.processor.JPADependencyProcessor (JPA deployer).
> # container managed JPA applications that embed their own copy of Hibernate jars will also get the javassist dependency via org.jboss.as.jpa.processor.JPADependencyProcessor (JPA deployer).
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
8 years, 2 months
[JBoss JIRA] (WFLY-264) Add support for use1PcForAutoCommitTransactions
by Jason Greene (JIRA)
[ https://issues.jboss.org/browse/WFLY-264?page=com.atlassian.jira.plugin.s... ]
Jason Greene updated WFLY-264:
------------------------------
Fix Version/s: 10.1.0.Final
(was: 10.0.0.Final)
> Add support for use1PcForAutoCommitTransactions
> -----------------------------------------------
>
> Key: WFLY-264
> URL: https://issues.jboss.org/browse/WFLY-264
> Project: WildFly
> Issue Type: Feature Request
> Components: Clustering
> Reporter: Paul Ferraro
> Assignee: Radoslav Husar
> Priority: Minor
> Fix For: 10.1.0.Final
>
>
> Since clustered web sessions/SFSBs won't ever incur inter-node concurrent access, we can tolerate a 1PC commit optimization - which will reduce the number of RPCs involved in replication/distribution. This should result it a significant performance gains for REPL_SYNC and DIST_SYNC caches.
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
8 years, 2 months
[JBoss JIRA] (WFLY-2100) Vault.sh logging improvements
by Jason Greene (JIRA)
[ https://issues.jboss.org/browse/WFLY-2100?page=com.atlassian.jira.plugin.... ]
Jason Greene updated WFLY-2100:
-------------------------------
Fix Version/s: 10.1.0.Final
(was: 10.0.0.Final)
> Vault.sh logging improvements
> -----------------------------
>
> Key: WFLY-2100
> URL: https://issues.jboss.org/browse/WFLY-2100
> Project: WildFly
> Issue Type: Feature Request
> Components: Security
> Affects Versions: 8.0.0.Alpha4
> Reporter: Chris Dolphy
> Assignee: Peter Skopek
> Fix For: 10.1.0.Final
>
>
> Several errors with vault.sh (ineractive Vault Tool) do not display enough information to debug.
> For example, "Exception occurred:PBOX000128: Unable to encrypt data". It would be nice if there was some way to see the cause of this exception either with additional logging options, a verbose option or by default. This one is caused by VaultInteraction.java only displaying the localized error message of the exception.
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
8 years, 2 months