October 2016 - jboss-jira - Jboss List Archives

[JBoss JIRA] (WFLY-7315) Empty result of attribute search in Elytron ldap-realm causes NPE

by Dmitrii Tikhomirov (JIRA)

[ https://issues.jboss.org/browse/WFLY-7315?page=com.atlassian.jira.plugin.... ] Dmitrii Tikhomirov reassigned WFLY-7315: ---------------------------------------- Assignee: Dmitrii Tikhomirov (was: Darran Lofthouse) > Empty result of attribute search in Elytron ldap-realm causes NPE > ----------------------------------------------------------------- > > Key: WFLY-7315 > URL: https://issues.jboss.org/browse/WFLY-7315 > Project: WildFly > Issue Type: Bug > Components: Security > Affects Versions: 11.0.0.Alpha1 > Reporter: Ondrej Lukas > Assignee: Dmitrii Tikhomirov > > In case when Elytron ldap-realm is configured through attribute-mapping to return some attribute and LDAP search does not find this attribute for some entry, then NPE is thrown and authentication fails. > It is caused by missing null check for {{ldapAttribute}} in [1]. > Exception thrown to server log: > {code} > ERROR [io.undertow.request] (default task-2) UT005023: Exception handling request to /print-roles/protected/printRoles: java.lang.RuntimeException: ELY01079: Ldap-backed realm failed to obtain attributes for entry [uid=jduke,ou=People,dc=jboss,dc=org] > at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.lambda$extractFilteredAttributes$6(LdapSecurityRealm.java:690) > at java.util.stream.Collectors.lambda$toMap$215(Collectors.java:1321) > at java.util.stream.ReduceOps$3ReducingSink.accept(ReduceOps.java:169) > at java.util.stream.ReferencePipeline$2$1.accept(ReferencePipeline.java:175) > at java.util.ArrayList$ArrayListSpliterator.forEachRemaining(ArrayList.java:1374) > at java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:481) > at java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:471) > at java.util.stream.ReduceOps$ReduceOp.evaluateSequential(ReduceOps.java:708) > at java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234) > at java.util.stream.ReferencePipeline.collect(ReferencePipeline.java:499) > at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.extractAttributes(LdapSecurityRealm.java:753) > at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.extractFilteredAttributes(LdapSecurityRealm.java:634) > at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.lambda$getIdentity$1(LdapSecurityRealm.java:593) > at java.util.stream.ReferencePipeline$3$1.accept(ReferencePipeline.java:193) > at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity$LdapSearch$1.tryAdvance(LdapSecurityRealm.java:944) > at java.util.stream.ReferencePipeline.forEachWithCancel(ReferencePipeline.java:126) > at java.util.stream.AbstractPipeline.copyIntoWithCancel(AbstractPipeline.java:498) > at java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:485) > at java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:471) > at java.util.stream.FindOps$FindOp.evaluateSequential(FindOps.java:152) > at java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234) > at java.util.stream.ReferencePipeline.findFirst(ReferencePipeline.java:464) > at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.getIdentity(LdapSecurityRealm.java:598) > at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.exists(LdapSecurityRealm.java:545) > at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.verifyEvidence(LdapSecurityRealm.java:513) > at org.wildfly.security.auth.server.ServerAuthenticationContext$NameAssignedState.verifyEvidence(ServerAuthenticationContext.java:1634) > at org.wildfly.security.auth.server.ServerAuthenticationContext.verifyEvidence(ServerAuthenticationContext.java:654) > at org.wildfly.security.auth.server.ServerAuthenticationContext$1.handleOne(ServerAuthenticationContext.java:818) > at org.wildfly.security.auth.server.ServerAuthenticationContext$1.handleOne(ServerAuthenticationContext.java:752) > at org.wildfly.security.auth.server.ServerAuthenticationContext$1.handleOne(ServerAuthenticationContext.java:850) > at org.wildfly.security.auth.server.ServerAuthenticationContext$1.handle(ServerAuthenticationContext.java:703) > at org.wildfly.security.http.util.SecurityIdentityServerMechanismFactory$SecurityIdentityCallbackHandler.handle(SecurityIdentityServerMechanismFactory.java:113) > at org.wildfly.security.http.impl.UsernamePasswordAuthenticationMechanism.authenticate(UsernamePasswordAuthenticationMechanism.java:69) > at org.wildfly.security.http.impl.BasicAuthenticationMechanism.evaluateRequest(BasicAuthenticationMechanism.java:151) > at org.wildfly.security.http.util.SetMechanismInformationMechanismFactory$1.evaluateRequest(SetMechanismInformationMechanismFactory.java:115) > at org.wildfly.security.http.util.SecurityIdentityServerMechanismFactory$1.evaluateRequest(SecurityIdentityServerMechanismFactory.java:77) > at org.wildfly.security.http.HttpAuthenticator$AuthenticationExchange.authenticate(HttpAuthenticator.java:106) > at org.wildfly.security.http.HttpAuthenticator$AuthenticationExchange.access$100(HttpAuthenticator.java:90) > at org.wildfly.security.http.HttpAuthenticator.authenticate(HttpAuthenticator.java:74) > at org.wildfly.elytron.web.undertow.server.SecurityContextImpl.authenticate(SecurityContextImpl.java:82) > at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:55) > at io.undertow.server.handlers.DisableCacheHandler.handleRequest(DisableCacheHandler.java:33) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at io.undertow.security.handlers.AuthenticationConstraintHandler.handleRequest(AuthenticationConstraintHandler.java:53) > at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46) > at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64) > at io.undertow.servlet.handlers.security.ServletSecurityConstraintHandler.handleRequest(ServletSecurityConstraintHandler.java:59) > at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:292) > at io.undertow.servlet.handlers.ServletInitialHandler.access$100(ServletInitialHandler.java:81) > at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:138) > at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:135) > at io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:48) > at io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43) > at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1671) > at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1671) > at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1671) > at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1671) > at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:272) > at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81) > at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:104) > at io.undertow.server.Connectors.executeRootHandler(Connectors.java:207) > at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:810) > at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) > at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) > at java.lang.Thread.run(Thread.java:745) > Caused by: java.lang.RuntimeException: ELY01079: Ldap-backed realm failed to obtain attributes for entry [uid=jduke,ou=People,dc=jboss,dc=org] > at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.lambda$null$5(LdapSecurityRealm.java:678) > at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity$LdapSearch$1.tryAdvance(LdapSecurityRealm.java:944) > at java.util.Spliterator.forEachRemaining(Spliterator.java:326) > at java.util.stream.ReferencePipeline$Head.forEach(ReferencePipeline.java:580) > at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.lambda$extractFilteredAttributes$6(LdapSecurityRealm.java:650) > ... 67 more > Caused by: java.lang.NullPointerException > at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.lambda$null$5(LdapSecurityRealm.java:672) > ... 71 more > {code} > [1] https://github.com/wildfly-security/wildfly-elytron/blob/cb57f2f0ffcdb147... -- This message was sent by Atlassian JIRA (v6.4.11#64026)

9 years, 6 months

1
0
0 / 0

[JBoss JIRA] (WFLY-7315) Empty result of attribute search in Elytron ldap-realm causes NPE

by Jan Kalina (JIRA)

[ https://issues.jboss.org/browse/WFLY-7315?page=com.atlassian.jira.plugin.... ] Jan Kalina commented on WFLY-7315: ---------------------------------- This will not be in conflict - no problem to assign. > Empty result of attribute search in Elytron ldap-realm causes NPE > ----------------------------------------------------------------- > > Key: WFLY-7315 > URL: https://issues.jboss.org/browse/WFLY-7315 > Project: WildFly > Issue Type: Bug > Components: Security > Affects Versions: 11.0.0.Alpha1 > Reporter: Ondrej Lukas > Assignee: Darran Lofthouse > > In case when Elytron ldap-realm is configured through attribute-mapping to return some attribute and LDAP search does not find this attribute for some entry, then NPE is thrown and authentication fails. > It is caused by missing null check for {{ldapAttribute}} in [1]. > Exception thrown to server log: > {code} > ERROR [io.undertow.request] (default task-2) UT005023: Exception handling request to /print-roles/protected/printRoles: java.lang.RuntimeException: ELY01079: Ldap-backed realm failed to obtain attributes for entry [uid=jduke,ou=People,dc=jboss,dc=org] > at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.lambda$extractFilteredAttributes$6(LdapSecurityRealm.java:690) > at java.util.stream.Collectors.lambda$toMap$215(Collectors.java:1321) > at java.util.stream.ReduceOps$3ReducingSink.accept(ReduceOps.java:169) > at java.util.stream.ReferencePipeline$2$1.accept(ReferencePipeline.java:175) > at java.util.ArrayList$ArrayListSpliterator.forEachRemaining(ArrayList.java:1374) > at java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:481) > at java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:471) > at java.util.stream.ReduceOps$ReduceOp.evaluateSequential(ReduceOps.java:708) > at java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234) > at java.util.stream.ReferencePipeline.collect(ReferencePipeline.java:499) > at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.extractAttributes(LdapSecurityRealm.java:753) > at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.extractFilteredAttributes(LdapSecurityRealm.java:634) > at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.lambda$getIdentity$1(LdapSecurityRealm.java:593) > at java.util.stream.ReferencePipeline$3$1.accept(ReferencePipeline.java:193) > at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity$LdapSearch$1.tryAdvance(LdapSecurityRealm.java:944) > at java.util.stream.ReferencePipeline.forEachWithCancel(ReferencePipeline.java:126) > at java.util.stream.AbstractPipeline.copyIntoWithCancel(AbstractPipeline.java:498) > at java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:485) > at java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:471) > at java.util.stream.FindOps$FindOp.evaluateSequential(FindOps.java:152) > at java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234) > at java.util.stream.ReferencePipeline.findFirst(ReferencePipeline.java:464) > at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.getIdentity(LdapSecurityRealm.java:598) > at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.exists(LdapSecurityRealm.java:545) > at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.verifyEvidence(LdapSecurityRealm.java:513) > at org.wildfly.security.auth.server.ServerAuthenticationContext$NameAssignedState.verifyEvidence(ServerAuthenticationContext.java:1634) > at org.wildfly.security.auth.server.ServerAuthenticationContext.verifyEvidence(ServerAuthenticationContext.java:654) > at org.wildfly.security.auth.server.ServerAuthenticationContext$1.handleOne(ServerAuthenticationContext.java:818) > at org.wildfly.security.auth.server.ServerAuthenticationContext$1.handleOne(ServerAuthenticationContext.java:752) > at org.wildfly.security.auth.server.ServerAuthenticationContext$1.handleOne(ServerAuthenticationContext.java:850) > at org.wildfly.security.auth.server.ServerAuthenticationContext$1.handle(ServerAuthenticationContext.java:703) > at org.wildfly.security.http.util.SecurityIdentityServerMechanismFactory$SecurityIdentityCallbackHandler.handle(SecurityIdentityServerMechanismFactory.java:113) > at org.wildfly.security.http.impl.UsernamePasswordAuthenticationMechanism.authenticate(UsernamePasswordAuthenticationMechanism.java:69) > at org.wildfly.security.http.impl.BasicAuthenticationMechanism.evaluateRequest(BasicAuthenticationMechanism.java:151) > at org.wildfly.security.http.util.SetMechanismInformationMechanismFactory$1.evaluateRequest(SetMechanismInformationMechanismFactory.java:115) > at org.wildfly.security.http.util.SecurityIdentityServerMechanismFactory$1.evaluateRequest(SecurityIdentityServerMechanismFactory.java:77) > at org.wildfly.security.http.HttpAuthenticator$AuthenticationExchange.authenticate(HttpAuthenticator.java:106) > at org.wildfly.security.http.HttpAuthenticator$AuthenticationExchange.access$100(HttpAuthenticator.java:90) > at org.wildfly.security.http.HttpAuthenticator.authenticate(HttpAuthenticator.java:74) > at org.wildfly.elytron.web.undertow.server.SecurityContextImpl.authenticate(SecurityContextImpl.java:82) > at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:55) > at io.undertow.server.handlers.DisableCacheHandler.handleRequest(DisableCacheHandler.java:33) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at io.undertow.security.handlers.AuthenticationConstraintHandler.handleRequest(AuthenticationConstraintHandler.java:53) > at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46) > at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64) > at io.undertow.servlet.handlers.security.ServletSecurityConstraintHandler.handleRequest(ServletSecurityConstraintHandler.java:59) > at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:292) > at io.undertow.servlet.handlers.ServletInitialHandler.access$100(ServletInitialHandler.java:81) > at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:138) > at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:135) > at io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:48) > at io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43) > at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1671) > at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1671) > at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1671) > at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1671) > at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:272) > at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81) > at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:104) > at io.undertow.server.Connectors.executeRootHandler(Connectors.java:207) > at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:810) > at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) > at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) > at java.lang.Thread.run(Thread.java:745) > Caused by: java.lang.RuntimeException: ELY01079: Ldap-backed realm failed to obtain attributes for entry [uid=jduke,ou=People,dc=jboss,dc=org] > at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.lambda$null$5(LdapSecurityRealm.java:678) > at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity$LdapSearch$1.tryAdvance(LdapSecurityRealm.java:944) > at java.util.Spliterator.forEachRemaining(Spliterator.java:326) > at java.util.stream.ReferencePipeline$Head.forEach(ReferencePipeline.java:580) > at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.lambda$extractFilteredAttributes$6(LdapSecurityRealm.java:650) > ... 67 more > Caused by: java.lang.NullPointerException > at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.lambda$null$5(LdapSecurityRealm.java:672) > ... 71 more > {code} > [1] https://github.com/wildfly-security/wildfly-elytron/blob/cb57f2f0ffcdb147... -- This message was sent by Atlassian JIRA (v6.4.11#64026)

9 years, 6 months

1
0
0 / 0

[JBoss JIRA] (WFLY-7316) LDAP referrals does not work for Elytron dir-context since value of dir-context.referral-mode is always ignored

by Jan Kalina (JIRA)

[ https://issues.jboss.org/browse/WFLY-7316?page=com.atlassian.jira.plugin.... ] Jan Kalina reassigned WFLY-7316: -------------------------------- Assignee: Jan Kalina (was: Darran Lofthouse) > LDAP referrals does not work for Elytron dir-context since value of dir-context.referral-mode is always ignored > --------------------------------------------------------------------------------------------------------------- > > Key: WFLY-7316 > URL: https://issues.jboss.org/browse/WFLY-7316 > Project: WildFly > Issue Type: Bug > Components: Security > Affects Versions: 11.0.0.Alpha1 > Reporter: Ondrej Lukas > Assignee: Jan Kalina > Priority: Blocker > > Elytron dir-context is not able to follow/throw referrals in LDAP search. Value set in Elytron {{dir-context.referral-mode}} is ignored by Elytron. > InitialLdapContext {{java.naming.referral}} parameter is internally always set to value {{ignore}}. It is caused by ignoring {{ReferralMode}} parameter in {{obtainDirContext}} of {{org.wildfly.security.auth.realm.ldap.SimpleDirContextFactoryBuilder$SimpleDirContextFactory}} [1]. > We request blocker flag since this issue causes that referrals cannot be used for LDAP search with Elytron. > [1] https://github.com/wildfly-security/wildfly-elytron/blob/cb57f2f0ffcdb147... -- This message was sent by Atlassian JIRA (v6.4.11#64026)

9 years, 6 months

1
0
0 / 0

[JBoss JIRA] (WFLY-7317) Elytron ldap-key-store DMR XSD inconsistency

by Martin Choma (JIRA)

[ https://issues.jboss.org/browse/WFLY-7317?page=com.atlassian.jira.plugin.... ] Martin Choma moved JBEAP-6441 to WFLY-7317: ------------------------------------------- Project: WildFly (was: JBoss Enterprise Application Platform) Key: WFLY-7317 (was: JBEAP-6441) Workflow: GIT Pull Request workflow (was: CDW with loose statuses v1) Component/s: Security (was: Security) Affects Version/s: 11.0.0.Alpha1 (was: 7.1.0.DR6) > Elytron ldap-key-store DMR XSD inconsistency > --------------------------------------------- > > Key: WFLY-7317 > URL: https://issues.jboss.org/browse/WFLY-7317 > Project: WildFly > Issue Type: Bug > Components: Security > Affects Versions: 11.0.0.Alpha1 > Reporter: Martin Choma > > * in XSD there are missing attributes {{key-attribute}} and {{key-type}} > * in XSD {{value}} attribute of {{new-item-template}} is not a list type as in DMR > * in DMR {{name}} in {{new-item-attributes}} is optional. In XSD it is marked as required. Should be required in DMR as well. > * synchronize documenation of XSD and DMR. Documentation in XSD seems little bit detailed. > * In {{certificate-type}} and {{certificate-attribute}} probably remove link to oracle java 8 documentation. I consider it usefull, but I see couple of maintaining issues. Link can change. Java 9 is comming and can have own enumaration. We also support IBM java. Just stating "For possible values see java documentation of CertificateFactory/CertPathEncodings" would be enough here -- This message was sent by Atlassian JIRA (v6.4.11#64026)

9 years, 6 months

1
0
0 / 0

[JBoss JIRA] (DROOLS-1323) DefaultAgenda.immediateHalt takes up 20% of performance in statefull cases: investigate why

by Geoffrey De Smet (JIRA)

[ https://issues.jboss.org/browse/DROOLS-1323?page=com.atlassian.jira.plugi... ] Geoffrey De Smet edited comment on DROOLS-1323 at 10/14/16 8:36 AM: -------------------------------------------------------------------- Here are 2 normal runs and 2 hacked (= without the notifyAll()) call runs on the benchmarker config (not the same as the one that's being profiled, running that one now): [^Selection_246.png] In this case, there is maybe a 1% improvement. Update: ON THE SMALL DATASET. was (Author: ge0ffrey): Here are 2 normal runs and 2 hacked (= without the notifyAll()) call runs on the benchmarker config (not the same as the one that's being profiled, running that one now): [^Selection_246.png] In this case, there is maybe a 1% improvement. > DefaultAgenda.immediateHalt takes up 20% of performance in statefull cases: investigate why > ------------------------------------------------------------------------------------------- > > Key: DROOLS-1323 > URL: https://issues.jboss.org/browse/DROOLS-1323 > Project: Drools > Issue Type: Task > Components: core engine > Reporter: Geoffrey De Smet > Assignee: Mario Fusco > Attachments: Selection_240.png, Selection_241.png, Selection_245.png, Selection_246.png, Selection_247.png > > > Mario and Geoffrey will investigate, but here's the profiler reports to prove it. > to reproduce: OptaPlannerExamplesApp -> cloud balancing use case -> load dataset with 1600computer + turn off refresh checkbox -> start cpu profiling -> button solve -- This message was sent by Atlassian JIRA (v6.4.11#64026)

9 years, 6 months

1
0
0 / 0

[JBoss JIRA] (DROOLS-1323) DefaultAgenda.immediateHalt takes up 20% of performance in statefull cases: investigate why

by Geoffrey De Smet (JIRA)

[ https://issues.jboss.org/browse/DROOLS-1323?page=com.atlassian.jira.plugi... ] Geoffrey De Smet edited comment on DROOLS-1323 at 10/14/16 8:36 AM: -------------------------------------------------------------------- And here's with the vanilla config: [^Selection_247.png] That's a 5% improvement. Update: ON THE SMALL DATASET. was (Author: ge0ffrey): And here's with the vanilla config: [^Selection_247.png] That's a 5% improvement. > DefaultAgenda.immediateHalt takes up 20% of performance in statefull cases: investigate why > ------------------------------------------------------------------------------------------- > > Key: DROOLS-1323 > URL: https://issues.jboss.org/browse/DROOLS-1323 > Project: Drools > Issue Type: Task > Components: core engine > Reporter: Geoffrey De Smet > Assignee: Mario Fusco > Attachments: Selection_240.png, Selection_241.png, Selection_245.png, Selection_246.png, Selection_247.png > > > Mario and Geoffrey will investigate, but here's the profiler reports to prove it. > to reproduce: OptaPlannerExamplesApp -> cloud balancing use case -> load dataset with 1600computer + turn off refresh checkbox -> start cpu profiling -> button solve -- This message was sent by Atlassian JIRA (v6.4.11#64026)

9 years, 6 months

1
0
0 / 0

[JBoss JIRA] (DROOLS-1323) DefaultAgenda.immediateHalt takes up 20% of performance in statefull cases: investigate why

by Geoffrey De Smet (JIRA)

[ https://issues.jboss.org/browse/DROOLS-1323?page=com.atlassian.jira.plugi... ] Geoffrey De Smet updated DROOLS-1323: ------------------------------------- Attachment: Selection_247.png And here's with the vanilla config: [^Selection_247.png] That's a 5% improvement. > DefaultAgenda.immediateHalt takes up 20% of performance in statefull cases: investigate why > ------------------------------------------------------------------------------------------- > > Key: DROOLS-1323 > URL: https://issues.jboss.org/browse/DROOLS-1323 > Project: Drools > Issue Type: Task > Components: core engine > Reporter: Geoffrey De Smet > Assignee: Mario Fusco > Attachments: Selection_240.png, Selection_241.png, Selection_245.png, Selection_246.png, Selection_247.png > > > Mario and Geoffrey will investigate, but here's the profiler reports to prove it. > to reproduce: OptaPlannerExamplesApp -> cloud balancing use case -> load dataset with 1600computer + turn off refresh checkbox -> start cpu profiling -> button solve -- This message was sent by Atlassian JIRA (v6.4.11#64026)

9 years, 6 months

1
0
0 / 0

[JBoss JIRA] (WFLY-7315) Empty result of attribute search in Elytron ldap-realm causes NPE

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/WFLY-7315?page=com.atlassian.jira.plugin.... ] Darran Lofthouse commented on WFLY-7315: ---------------------------------------- Please contact [~honza889] as he is looking after these kinds of issue at the moment. Additional contribution is welcome but Honza will be able to tell you if this is likely to conflict with something he is already working on or is possibly being fixed as a side effect of another issue. > Empty result of attribute search in Elytron ldap-realm causes NPE > ----------------------------------------------------------------- > > Key: WFLY-7315 > URL: https://issues.jboss.org/browse/WFLY-7315 > Project: WildFly > Issue Type: Bug > Components: Security > Affects Versions: 11.0.0.Alpha1 > Reporter: Ondrej Lukas > Assignee: Darran Lofthouse > > In case when Elytron ldap-realm is configured through attribute-mapping to return some attribute and LDAP search does not find this attribute for some entry, then NPE is thrown and authentication fails. > It is caused by missing null check for {{ldapAttribute}} in [1]. > Exception thrown to server log: > {code} > ERROR [io.undertow.request] (default task-2) UT005023: Exception handling request to /print-roles/protected/printRoles: java.lang.RuntimeException: ELY01079: Ldap-backed realm failed to obtain attributes for entry [uid=jduke,ou=People,dc=jboss,dc=org] > at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.lambda$extractFilteredAttributes$6(LdapSecurityRealm.java:690) > at java.util.stream.Collectors.lambda$toMap$215(Collectors.java:1321) > at java.util.stream.ReduceOps$3ReducingSink.accept(ReduceOps.java:169) > at java.util.stream.ReferencePipeline$2$1.accept(ReferencePipeline.java:175) > at java.util.ArrayList$ArrayListSpliterator.forEachRemaining(ArrayList.java:1374) > at java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:481) > at java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:471) > at java.util.stream.ReduceOps$ReduceOp.evaluateSequential(ReduceOps.java:708) > at java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234) > at java.util.stream.ReferencePipeline.collect(ReferencePipeline.java:499) > at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.extractAttributes(LdapSecurityRealm.java:753) > at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.extractFilteredAttributes(LdapSecurityRealm.java:634) > at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.lambda$getIdentity$1(LdapSecurityRealm.java:593) > at java.util.stream.ReferencePipeline$3$1.accept(ReferencePipeline.java:193) > at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity$LdapSearch$1.tryAdvance(LdapSecurityRealm.java:944) > at java.util.stream.ReferencePipeline.forEachWithCancel(ReferencePipeline.java:126) > at java.util.stream.AbstractPipeline.copyIntoWithCancel(AbstractPipeline.java:498) > at java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:485) > at java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:471) > at java.util.stream.FindOps$FindOp.evaluateSequential(FindOps.java:152) > at java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234) > at java.util.stream.ReferencePipeline.findFirst(ReferencePipeline.java:464) > at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.getIdentity(LdapSecurityRealm.java:598) > at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.exists(LdapSecurityRealm.java:545) > at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.verifyEvidence(LdapSecurityRealm.java:513) > at org.wildfly.security.auth.server.ServerAuthenticationContext$NameAssignedState.verifyEvidence(ServerAuthenticationContext.java:1634) > at org.wildfly.security.auth.server.ServerAuthenticationContext.verifyEvidence(ServerAuthenticationContext.java:654) > at org.wildfly.security.auth.server.ServerAuthenticationContext$1.handleOne(ServerAuthenticationContext.java:818) > at org.wildfly.security.auth.server.ServerAuthenticationContext$1.handleOne(ServerAuthenticationContext.java:752) > at org.wildfly.security.auth.server.ServerAuthenticationContext$1.handleOne(ServerAuthenticationContext.java:850) > at org.wildfly.security.auth.server.ServerAuthenticationContext$1.handle(ServerAuthenticationContext.java:703) > at org.wildfly.security.http.util.SecurityIdentityServerMechanismFactory$SecurityIdentityCallbackHandler.handle(SecurityIdentityServerMechanismFactory.java:113) > at org.wildfly.security.http.impl.UsernamePasswordAuthenticationMechanism.authenticate(UsernamePasswordAuthenticationMechanism.java:69) > at org.wildfly.security.http.impl.BasicAuthenticationMechanism.evaluateRequest(BasicAuthenticationMechanism.java:151) > at org.wildfly.security.http.util.SetMechanismInformationMechanismFactory$1.evaluateRequest(SetMechanismInformationMechanismFactory.java:115) > at org.wildfly.security.http.util.SecurityIdentityServerMechanismFactory$1.evaluateRequest(SecurityIdentityServerMechanismFactory.java:77) > at org.wildfly.security.http.HttpAuthenticator$AuthenticationExchange.authenticate(HttpAuthenticator.java:106) > at org.wildfly.security.http.HttpAuthenticator$AuthenticationExchange.access$100(HttpAuthenticator.java:90) > at org.wildfly.security.http.HttpAuthenticator.authenticate(HttpAuthenticator.java:74) > at org.wildfly.elytron.web.undertow.server.SecurityContextImpl.authenticate(SecurityContextImpl.java:82) > at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:55) > at io.undertow.server.handlers.DisableCacheHandler.handleRequest(DisableCacheHandler.java:33) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at io.undertow.security.handlers.AuthenticationConstraintHandler.handleRequest(AuthenticationConstraintHandler.java:53) > at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46) > at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64) > at io.undertow.servlet.handlers.security.ServletSecurityConstraintHandler.handleRequest(ServletSecurityConstraintHandler.java:59) > at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:292) > at io.undertow.servlet.handlers.ServletInitialHandler.access$100(ServletInitialHandler.java:81) > at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:138) > at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:135) > at io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:48) > at io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43) > at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1671) > at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1671) > at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1671) > at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1671) > at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:272) > at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81) > at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:104) > at io.undertow.server.Connectors.executeRootHandler(Connectors.java:207) > at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:810) > at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) > at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) > at java.lang.Thread.run(Thread.java:745) > Caused by: java.lang.RuntimeException: ELY01079: Ldap-backed realm failed to obtain attributes for entry [uid=jduke,ou=People,dc=jboss,dc=org] > at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.lambda$null$5(LdapSecurityRealm.java:678) > at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity$LdapSearch$1.tryAdvance(LdapSecurityRealm.java:944) > at java.util.Spliterator.forEachRemaining(Spliterator.java:326) > at java.util.stream.ReferencePipeline$Head.forEach(ReferencePipeline.java:580) > at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.lambda$extractFilteredAttributes$6(LdapSecurityRealm.java:650) > ... 67 more > Caused by: java.lang.NullPointerException > at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.lambda$null$5(LdapSecurityRealm.java:672) > ... 71 more > {code} > [1] https://github.com/wildfly-security/wildfly-elytron/blob/cb57f2f0ffcdb147... -- This message was sent by Atlassian JIRA (v6.4.11#64026)

9 years, 6 months

1
0
0 / 0

[JBoss JIRA] (DROOLS-1323) DefaultAgenda.immediateHalt takes up 20% of performance in statefull cases: investigate why

by Geoffrey De Smet (JIRA)

[ https://issues.jboss.org/browse/DROOLS-1323?page=com.atlassian.jira.plugi... ] Geoffrey De Smet edited comment on DROOLS-1323 at 10/14/16 8:26 AM: -------------------------------------------------------------------- Here are 2 normal runs and 2 hacked (= without the notifyAll()) call runs on the benchmarker config (not the same as the one that's being profiled, running that one now): [^Selection_246.png] In this case, there is maybe a 1% improvement. was (Author: ge0ffrey): Here are 2 normal runs and 2 hacked (= without the notifyAll()) call runs on the benchmarker config (not the same as the one that's being profiled, running that one now): [^Selection_246.png] > DefaultAgenda.immediateHalt takes up 20% of performance in statefull cases: investigate why > ------------------------------------------------------------------------------------------- > > Key: DROOLS-1323 > URL: https://issues.jboss.org/browse/DROOLS-1323 > Project: Drools > Issue Type: Task > Components: core engine > Reporter: Geoffrey De Smet > Assignee: Mario Fusco > Attachments: Selection_240.png, Selection_241.png, Selection_245.png, Selection_246.png > > > Mario and Geoffrey will investigate, but here's the profiler reports to prove it. > to reproduce: OptaPlannerExamplesApp -> cloud balancing use case -> load dataset with 1600computer + turn off refresh checkbox -> start cpu profiling -> button solve -- This message was sent by Atlassian JIRA (v6.4.11#64026)

9 years, 6 months

1
0
0 / 0

[JBoss JIRA] (DROOLS-1323) DefaultAgenda.immediateHalt takes up 20% of performance in statefull cases: investigate why

by Geoffrey De Smet (JIRA)

[ https://issues.jboss.org/browse/DROOLS-1323?page=com.atlassian.jira.plugi... ] Geoffrey De Smet edited comment on DROOLS-1323 at 10/14/16 8:26 AM: -------------------------------------------------------------------- Here are 2 normal runs and 2 hacked (= without the notifyAll()) call runs on the benchmarker config (not the same as the one that's being profiled, running that one now): [^Selection_246.png] was (Author: ge0ffrey): Here are 2 normal runs and 2 hacked (= without the notifyAll()) call runs: [^Selection_246.png] > DefaultAgenda.immediateHalt takes up 20% of performance in statefull cases: investigate why > ------------------------------------------------------------------------------------------- > > Key: DROOLS-1323 > URL: https://issues.jboss.org/browse/DROOLS-1323 > Project: Drools > Issue Type: Task > Components: core engine > Reporter: Geoffrey De Smet > Assignee: Mario Fusco > Attachments: Selection_240.png, Selection_241.png, Selection_245.png, Selection_246.png > > > Mario and Geoffrey will investigate, but here's the profiler reports to prove it. > to reproduce: OptaPlannerExamplesApp -> cloud balancing use case -> load dataset with 1600computer + turn off refresh checkbox -> start cpu profiling -> button solve -- This message was sent by Atlassian JIRA (v6.4.11#64026)

9 years, 6 months

1
0
0 / 0

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira October 2016