October 2016 - jboss-jira - Jboss List Archives

[JBoss JIRA] (WFLY-7316) LDAP referrals does not work for Elytron dir-context since value of dir-context.referral-mode is always ignored

by Ondrej Lukas (JIRA)

Ondrej Lukas created WFLY-7316: ---------------------------------- Summary: LDAP referrals does not work for Elytron dir-context since value of dir-context.referral-mode is always ignored Key: WFLY-7316 URL: https://issues.jboss.org/browse/WFLY-7316 Project: WildFly Issue Type: Bug Components: Security Reporter: Ondrej Lukas Assignee: Darran Lofthouse Priority: Blocker Elytron dir-context is not able to follow/throw referrals in LDAP search. Value set in Elytron {{dir-context.referral-mode}} is ignored by Elytron. InitialLdapContext {{java.naming.referral}} parameter is internally always set to value {{ignore}}. It is caused by ignoring {{ReferralMode}} parameter in {{obtainDirContext}} of {{org.wildfly.security.auth.realm.ldap.SimpleDirContextFactoryBuilder$SimpleDirContextFactory}} [1]. We request blocker flag since this issue causes that referrals cannot be used for LDAP search with Elytron. [1] https://github.com/wildfly-security/wildfly-elytron/blob/cb57f2f0ffcdb147... -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 3 months

1
0
0 / 0

[JBoss JIRA] (ELY-662) Eliminate CredentialStore interaction from within SASL mechanisms.

by Darran Lofthouse (JIRA)

Darran Lofthouse created ELY-662: ------------------------------------ Summary: Eliminate CredentialStore interaction from within SASL mechanisms. Key: ELY-662 URL: https://issues.jboss.org/browse/ELY-662 Project: WildFly Elytron Issue Type: Enhancement Components: Credential Store, SASL Reporter: Darran Lofthouse Assignee: Peter Skopek Priority: Critical Fix For: 1.1.0.Beta11 The conversion between callbacks and credential store should be handled centrally within the callback handler and not within the mechanism. This way all mechanisms can use the core integration including mechanisms that may not be Elytron aware just using standard Java callbacks. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 3 months

1
0
0 / 0

[JBoss JIRA] (WFLY-7314) Elytron new-item-attributes are not serialized into standalone.xml

by Jan Kalina (JIRA)

[ https://issues.jboss.org/browse/WFLY-7314?page=com.atlassian.jira.plugin.... ] Jan Kalina commented on WFLY-7314: ---------------------------------- The problem was the new-item-* attributes should depend each other. Added check to model. > Elytron new-item-attributes are not serialized into standalone.xml > ------------------------------------------------------------------ > > Key: WFLY-7314 > URL: https://issues.jboss.org/browse/WFLY-7314 > Project: WildFly > Issue Type: Bug > Components: Security > Affects Versions: 11.0.0.Alpha1 > Reporter: Martin Choma > Assignee: Jan Kalina > Priority: Critical > > {{new-item-attributes}} of {{ldap-key-store}} doesn't survive restart of server. > See steps to reproduce for details. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 3 months

1
0
0 / 0

[JBoss JIRA] (WFLY-7315) Empty result of attribute search in Elytron ldap-realm causes NPE

by Ondrej Lukas (JIRA)

Ondrej Lukas created WFLY-7315: ---------------------------------- Summary: Empty result of attribute search in Elytron ldap-realm causes NPE Key: WFLY-7315 URL: https://issues.jboss.org/browse/WFLY-7315 Project: WildFly Issue Type: Bug Components: Security Reporter: Ondrej Lukas Assignee: Darran Lofthouse In case when Elytron ldap-realm is configured through attribute-mapping to return some attribute and LDAP search does not find this attribute for some entry, then NPE is thrown and authentication fails. It is caused by missing null check for {{ldapAttribute}} in [1]. Exception thrown to server log: {code} ERROR [io.undertow.request] (default task-2) UT005023: Exception handling request to /print-roles/protected/printRoles: java.lang.RuntimeException: ELY01079: Ldap-backed realm failed to obtain attributes for entry [uid=jduke,ou=People,dc=jboss,dc=org] at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.lambda$extractFilteredAttributes$6(LdapSecurityRealm.java:690) at java.util.stream.Collectors.lambda$toMap$215(Collectors.java:1321) at java.util.stream.ReduceOps$3ReducingSink.accept(ReduceOps.java:169) at java.util.stream.ReferencePipeline$2$1.accept(ReferencePipeline.java:175) at java.util.ArrayList$ArrayListSpliterator.forEachRemaining(ArrayList.java:1374) at java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:481) at java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:471) at java.util.stream.ReduceOps$ReduceOp.evaluateSequential(ReduceOps.java:708) at java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234) at java.util.stream.ReferencePipeline.collect(ReferencePipeline.java:499) at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.extractAttributes(LdapSecurityRealm.java:753) at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.extractFilteredAttributes(LdapSecurityRealm.java:634) at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.lambda$getIdentity$1(LdapSecurityRealm.java:593) at java.util.stream.ReferencePipeline$3$1.accept(ReferencePipeline.java:193) at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity$LdapSearch$1.tryAdvance(LdapSecurityRealm.java:944) at java.util.stream.ReferencePipeline.forEachWithCancel(ReferencePipeline.java:126) at java.util.stream.AbstractPipeline.copyIntoWithCancel(AbstractPipeline.java:498) at java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:485) at java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:471) at java.util.stream.FindOps$FindOp.evaluateSequential(FindOps.java:152) at java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234) at java.util.stream.ReferencePipeline.findFirst(ReferencePipeline.java:464) at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.getIdentity(LdapSecurityRealm.java:598) at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.exists(LdapSecurityRealm.java:545) at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.verifyEvidence(LdapSecurityRealm.java:513) at org.wildfly.security.auth.server.ServerAuthenticationContext$NameAssignedState.verifyEvidence(ServerAuthenticationContext.java:1634) at org.wildfly.security.auth.server.ServerAuthenticationContext.verifyEvidence(ServerAuthenticationContext.java:654) at org.wildfly.security.auth.server.ServerAuthenticationContext$1.handleOne(ServerAuthenticationContext.java:818) at org.wildfly.security.auth.server.ServerAuthenticationContext$1.handleOne(ServerAuthenticationContext.java:752) at org.wildfly.security.auth.server.ServerAuthenticationContext$1.handleOne(ServerAuthenticationContext.java:850) at org.wildfly.security.auth.server.ServerAuthenticationContext$1.handle(ServerAuthenticationContext.java:703) at org.wildfly.security.http.util.SecurityIdentityServerMechanismFactory$SecurityIdentityCallbackHandler.handle(SecurityIdentityServerMechanismFactory.java:113) at org.wildfly.security.http.impl.UsernamePasswordAuthenticationMechanism.authenticate(UsernamePasswordAuthenticationMechanism.java:69) at org.wildfly.security.http.impl.BasicAuthenticationMechanism.evaluateRequest(BasicAuthenticationMechanism.java:151) at org.wildfly.security.http.util.SetMechanismInformationMechanismFactory$1.evaluateRequest(SetMechanismInformationMechanismFactory.java:115) at org.wildfly.security.http.util.SecurityIdentityServerMechanismFactory$1.evaluateRequest(SecurityIdentityServerMechanismFactory.java:77) at org.wildfly.security.http.HttpAuthenticator$AuthenticationExchange.authenticate(HttpAuthenticator.java:106) at org.wildfly.security.http.HttpAuthenticator$AuthenticationExchange.access$100(HttpAuthenticator.java:90) at org.wildfly.security.http.HttpAuthenticator.authenticate(HttpAuthenticator.java:74) at org.wildfly.elytron.web.undertow.server.SecurityContextImpl.authenticate(SecurityContextImpl.java:82) at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:55) at io.undertow.server.handlers.DisableCacheHandler.handleRequest(DisableCacheHandler.java:33) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at io.undertow.security.handlers.AuthenticationConstraintHandler.handleRequest(AuthenticationConstraintHandler.java:53) at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46) at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64) at io.undertow.servlet.handlers.security.ServletSecurityConstraintHandler.handleRequest(ServletSecurityConstraintHandler.java:59) at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:292) at io.undertow.servlet.handlers.ServletInitialHandler.access$100(ServletInitialHandler.java:81) at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:138) at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:135) at io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:48) at io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43) at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1671) at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1671) at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1671) at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1671) at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:272) at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81) at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:104) at io.undertow.server.Connectors.executeRootHandler(Connectors.java:207) at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:810) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at java.lang.Thread.run(Thread.java:745) Caused by: java.lang.RuntimeException: ELY01079: Ldap-backed realm failed to obtain attributes for entry [uid=jduke,ou=People,dc=jboss,dc=org] at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.lambda$null$5(LdapSecurityRealm.java:678) at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity$LdapSearch$1.tryAdvance(LdapSecurityRealm.java:944) at java.util.Spliterator.forEachRemaining(Spliterator.java:326) at java.util.stream.ReferencePipeline$Head.forEach(ReferencePipeline.java:580) at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.lambda$extractFilteredAttributes$6(LdapSecurityRealm.java:650) ... 67 more Caused by: java.lang.NullPointerException at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.lambda$null$5(LdapSecurityRealm.java:672) ... 71 more {code} [1] https://github.com/wildfly-security/wildfly-elytron/blob/cb57f2f0ffcdb147... -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 3 months

1
0
0 / 0

[JBoss JIRA] (WFLY-7315) Empty result of attribute search in Elytron ldap-realm causes NPE

by Ondrej Lukas (JIRA)

[ https://issues.jboss.org/browse/WFLY-7315?page=com.atlassian.jira.plugin.... ] Ondrej Lukas updated WFLY-7315: ------------------------------- Affects Version/s: 11.0.0.Alpha1 > Empty result of attribute search in Elytron ldap-realm causes NPE > ----------------------------------------------------------------- > > Key: WFLY-7315 > URL: https://issues.jboss.org/browse/WFLY-7315 > Project: WildFly > Issue Type: Bug > Components: Security > Affects Versions: 11.0.0.Alpha1 > Reporter: Ondrej Lukas > Assignee: Darran Lofthouse > > In case when Elytron ldap-realm is configured through attribute-mapping to return some attribute and LDAP search does not find this attribute for some entry, then NPE is thrown and authentication fails. > It is caused by missing null check for {{ldapAttribute}} in [1]. > Exception thrown to server log: > {code} > ERROR [io.undertow.request] (default task-2) UT005023: Exception handling request to /print-roles/protected/printRoles: java.lang.RuntimeException: ELY01079: Ldap-backed realm failed to obtain attributes for entry [uid=jduke,ou=People,dc=jboss,dc=org] > at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.lambda$extractFilteredAttributes$6(LdapSecurityRealm.java:690) > at java.util.stream.Collectors.lambda$toMap$215(Collectors.java:1321) > at java.util.stream.ReduceOps$3ReducingSink.accept(ReduceOps.java:169) > at java.util.stream.ReferencePipeline$2$1.accept(ReferencePipeline.java:175) > at java.util.ArrayList$ArrayListSpliterator.forEachRemaining(ArrayList.java:1374) > at java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:481) > at java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:471) > at java.util.stream.ReduceOps$ReduceOp.evaluateSequential(ReduceOps.java:708) > at java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234) > at java.util.stream.ReferencePipeline.collect(ReferencePipeline.java:499) > at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.extractAttributes(LdapSecurityRealm.java:753) > at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.extractFilteredAttributes(LdapSecurityRealm.java:634) > at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.lambda$getIdentity$1(LdapSecurityRealm.java:593) > at java.util.stream.ReferencePipeline$3$1.accept(ReferencePipeline.java:193) > at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity$LdapSearch$1.tryAdvance(LdapSecurityRealm.java:944) > at java.util.stream.ReferencePipeline.forEachWithCancel(ReferencePipeline.java:126) > at java.util.stream.AbstractPipeline.copyIntoWithCancel(AbstractPipeline.java:498) > at java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:485) > at java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:471) > at java.util.stream.FindOps$FindOp.evaluateSequential(FindOps.java:152) > at java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234) > at java.util.stream.ReferencePipeline.findFirst(ReferencePipeline.java:464) > at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.getIdentity(LdapSecurityRealm.java:598) > at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.exists(LdapSecurityRealm.java:545) > at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.verifyEvidence(LdapSecurityRealm.java:513) > at org.wildfly.security.auth.server.ServerAuthenticationContext$NameAssignedState.verifyEvidence(ServerAuthenticationContext.java:1634) > at org.wildfly.security.auth.server.ServerAuthenticationContext.verifyEvidence(ServerAuthenticationContext.java:654) > at org.wildfly.security.auth.server.ServerAuthenticationContext$1.handleOne(ServerAuthenticationContext.java:818) > at org.wildfly.security.auth.server.ServerAuthenticationContext$1.handleOne(ServerAuthenticationContext.java:752) > at org.wildfly.security.auth.server.ServerAuthenticationContext$1.handleOne(ServerAuthenticationContext.java:850) > at org.wildfly.security.auth.server.ServerAuthenticationContext$1.handle(ServerAuthenticationContext.java:703) > at org.wildfly.security.http.util.SecurityIdentityServerMechanismFactory$SecurityIdentityCallbackHandler.handle(SecurityIdentityServerMechanismFactory.java:113) > at org.wildfly.security.http.impl.UsernamePasswordAuthenticationMechanism.authenticate(UsernamePasswordAuthenticationMechanism.java:69) > at org.wildfly.security.http.impl.BasicAuthenticationMechanism.evaluateRequest(BasicAuthenticationMechanism.java:151) > at org.wildfly.security.http.util.SetMechanismInformationMechanismFactory$1.evaluateRequest(SetMechanismInformationMechanismFactory.java:115) > at org.wildfly.security.http.util.SecurityIdentityServerMechanismFactory$1.evaluateRequest(SecurityIdentityServerMechanismFactory.java:77) > at org.wildfly.security.http.HttpAuthenticator$AuthenticationExchange.authenticate(HttpAuthenticator.java:106) > at org.wildfly.security.http.HttpAuthenticator$AuthenticationExchange.access$100(HttpAuthenticator.java:90) > at org.wildfly.security.http.HttpAuthenticator.authenticate(HttpAuthenticator.java:74) > at org.wildfly.elytron.web.undertow.server.SecurityContextImpl.authenticate(SecurityContextImpl.java:82) > at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:55) > at io.undertow.server.handlers.DisableCacheHandler.handleRequest(DisableCacheHandler.java:33) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at io.undertow.security.handlers.AuthenticationConstraintHandler.handleRequest(AuthenticationConstraintHandler.java:53) > at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46) > at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64) > at io.undertow.servlet.handlers.security.ServletSecurityConstraintHandler.handleRequest(ServletSecurityConstraintHandler.java:59) > at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:292) > at io.undertow.servlet.handlers.ServletInitialHandler.access$100(ServletInitialHandler.java:81) > at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:138) > at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:135) > at io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:48) > at io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43) > at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1671) > at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1671) > at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1671) > at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1671) > at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:272) > at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81) > at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:104) > at io.undertow.server.Connectors.executeRootHandler(Connectors.java:207) > at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:810) > at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) > at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) > at java.lang.Thread.run(Thread.java:745) > Caused by: java.lang.RuntimeException: ELY01079: Ldap-backed realm failed to obtain attributes for entry [uid=jduke,ou=People,dc=jboss,dc=org] > at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.lambda$null$5(LdapSecurityRealm.java:678) > at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity$LdapSearch$1.tryAdvance(LdapSecurityRealm.java:944) > at java.util.Spliterator.forEachRemaining(Spliterator.java:326) > at java.util.stream.ReferencePipeline$Head.forEach(ReferencePipeline.java:580) > at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.lambda$extractFilteredAttributes$6(LdapSecurityRealm.java:650) > ... 67 more > Caused by: java.lang.NullPointerException > at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.lambda$null$5(LdapSecurityRealm.java:672) > ... 71 more > {code} > [1] https://github.com/wildfly-security/wildfly-elytron/blob/cb57f2f0ffcdb147... -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 3 months

1
0
0 / 0

[JBoss JIRA] (WFLY-7278) Unable to load LdapCtxFactory from elytron module

by Jan Kalina (JIRA)

[ https://issues.jboss.org/browse/WFLY-7278?page=com.atlassian.jira.plugin.... ] Jan Kalina commented on WFLY-7278: ---------------------------------- Well... the problem was missing <module name="sun.jdk"/> in *elytron-subsystem*. (Was present only in wildfly-elytron.) > Unable to load LdapCtxFactory from elytron module > ------------------------------------------------- > > Key: WFLY-7278 > URL: https://issues.jboss.org/browse/WFLY-7278 > Project: WildFly > Issue Type: Bug > Components: Security > Reporter: Jan Kalina > Assignee: Jan Kalina > > When *ldap-key-store* is used in *trust-manager*, trust-manager creation fails: > {code:java} > Caused by: javax.naming.NamingException: WFLYNAM0027: Failed instantiate InitialContextFactory com.sun.jndi.ldap.LdapCtxFactory from classloader ModuleClassLoader for Module "org.wildfly.extension.elytron:main" from local module loader @77a57272 (finder: local module finder @7181ae3f (roots: /home/jkalina/wildfly/wildfly/build/target/wildfly-11.0.0.Alpha1-SNAPSHOT/modules,/home/jkalina/wildfly/wildfly/build/target/wildfly-11.0.0.Alpha1-SNAPSHOT/modules/system/layers/base)) [Root exception is java.lang.ClassNotFoundException: com.sun.jndi.ldap.LdapCtxFactory from [Module "org.wildfly.extension.elytron:main" from local module loader @77a57272 (finder: local module finder @7181ae3f (roots: /home/jkalina/wildfly/wildfly/build/target/wildfly-11.0.0.Alpha1-SNAPSHOT/modules,/home/jkalina/wildfly/wildfly/build/target/wildfly-11.0.0.Alpha1-SNAPSHOT/modules/system/layers/base))]] > at org.jboss.as.naming.InitialContext.getDefaultInitCtx(InitialContext.java:118) > at org.jboss.as.naming.InitialContext.init(InitialContext.java:99) > at javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:154) > at org.jboss.as.naming.InitialContext.<init>(InitialContext.java:89) > at org.jboss.as.naming.InitialContextFactory.getInitialContext(InitialContextFactory.java:43) > at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:684) > at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:313) > at javax.naming.InitialContext.init(InitialContext.java:244) > at javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:154) > at org.wildfly.security.auth.realm.ldap.SimpleDirContextFactoryBuilder$SimpleDirContextFactory.createDirContext(SimpleDirContextFactoryBuilder.java:286) > at org.wildfly.security.auth.realm.ldap.SimpleDirContextFactoryBuilder$SimpleDirContextFactory.obtainDirContext(SimpleDirContextFactoryBuilder.java:222) > at org.wildfly.extension.elytron.DirContextDefinition.lambda$null$0(DirContextDefinition.java:148) > at org.wildfly.security.keystore.LdapKeyStoreSpi.obtainDirContext(LdapKeyStoreSpi.java:120) > ... 16 more > java.lang.ClassNotFoundException: com.sun.jndi.ldap.LdapCtxFactory from [Module "org.wildfly.extension.elytron:main" from local module loader @77a57272 (finder: local module finder @7181ae3f (roots: /home/jkalina/wildfly/wildfly/build/target/wildfly-11.0.0.Alpha1-SNAPSHOT/modules,/home/jkalina/wildfly/wildfly/build/target/wildfly-11.0.0.Alpha1-SNAPSHOT/modules/system/layers/base))] > at org.jboss.modules.ModuleClassLoader.findClass(ModuleClassLoader.java:199) > at org.jboss.modules.ConcurrentClassLoader.performLoadClassUnchecked(ConcurrentClassLoader.java:364) > at org.jboss.modules.ConcurrentClassLoader.performLoadClass(ConcurrentClassLoader.java:352) > at org.jboss.modules.ConcurrentClassLoader.loadClass(ConcurrentClassLoader.java:94) > at java.lang.Class.forName0(Native Method) > at java.lang.Class.forName(Class.java:348) > at org.jboss.as.naming.InitialContext.getDefaultInitCtx(InitialContext.java:113) > ... 28 more > {code} > Direct key-store aliases listing using works ok: > {code:java} > /subsystem=elytron/ldap-key-store=LKS1/:read-children-names(child-type=alias) > {code} -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 3 months

1
0
0 / 0

[JBoss JIRA] (WFLY-7314) Elytron new-item-attributes are not serialized into standalone.xml

by Jan Kalina (JIRA)

[ https://issues.jboss.org/browse/WFLY-7314?page=com.atlassian.jira.plugin.... ] Jan Kalina reassigned WFLY-7314: -------------------------------- Assignee: Jan Kalina > Elytron new-item-attributes are not serialized into standalone.xml > ------------------------------------------------------------------ > > Key: WFLY-7314 > URL: https://issues.jboss.org/browse/WFLY-7314 > Project: WildFly > Issue Type: Bug > Components: Security > Affects Versions: 11.0.0.Alpha1 > Reporter: Martin Choma > Assignee: Jan Kalina > Priority: Critical > > {{new-item-attributes}} of {{ldap-key-store}} doesn't survive restart of server. > See steps to reproduce for details. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 3 months

1
0
0 / 0

[JBoss JIRA] (WFLY-7314) Elytron new-item-attributes are not serialized into standalone.xml

by Jan Kalina (JIRA)

[ https://issues.jboss.org/browse/WFLY-7314?page=com.atlassian.jira.plugin.... ] Jan Kalina commented on WFLY-7314: ---------------------------------- Missing testcase for ldap.xml in SubsystemParsingTestCase. > Elytron new-item-attributes are not serialized into standalone.xml > ------------------------------------------------------------------ > > Key: WFLY-7314 > URL: https://issues.jboss.org/browse/WFLY-7314 > Project: WildFly > Issue Type: Bug > Components: Security > Affects Versions: 11.0.0.Alpha1 > Reporter: Martin Choma > Priority: Critical > > {{new-item-attributes}} of {{ldap-key-store}} doesn't survive restart of server. > See steps to reproduce for details. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 3 months

1
0
0 / 0

[JBoss JIRA] (WFLY-7278) Unable to load

by Jan Kalina (JIRA)

[ https://issues.jboss.org/browse/WFLY-7278?page=com.atlassian.jira.plugin.... ] Jan Kalina updated WFLY-7278: ----------------------------- Summary: Unable to load (was: Unable to add trust-manager with ldap-key-store (classloading)) > Unable to load > --------------- > > Key: WFLY-7278 > URL: https://issues.jboss.org/browse/WFLY-7278 > Project: WildFly > Issue Type: Bug > Components: Security > Reporter: Jan Kalina > Assignee: Jan Kalina > > When *ldap-key-store* is used in *trust-manager*, trust-manager creation fails: > {code:java} > Caused by: javax.naming.NamingException: WFLYNAM0027: Failed instantiate InitialContextFactory com.sun.jndi.ldap.LdapCtxFactory from classloader ModuleClassLoader for Module "org.wildfly.extension.elytron:main" from local module loader @77a57272 (finder: local module finder @7181ae3f (roots: /home/jkalina/wildfly/wildfly/build/target/wildfly-11.0.0.Alpha1-SNAPSHOT/modules,/home/jkalina/wildfly/wildfly/build/target/wildfly-11.0.0.Alpha1-SNAPSHOT/modules/system/layers/base)) [Root exception is java.lang.ClassNotFoundException: com.sun.jndi.ldap.LdapCtxFactory from [Module "org.wildfly.extension.elytron:main" from local module loader @77a57272 (finder: local module finder @7181ae3f (roots: /home/jkalina/wildfly/wildfly/build/target/wildfly-11.0.0.Alpha1-SNAPSHOT/modules,/home/jkalina/wildfly/wildfly/build/target/wildfly-11.0.0.Alpha1-SNAPSHOT/modules/system/layers/base))]] > at org.jboss.as.naming.InitialContext.getDefaultInitCtx(InitialContext.java:118) > at org.jboss.as.naming.InitialContext.init(InitialContext.java:99) > at javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:154) > at org.jboss.as.naming.InitialContext.<init>(InitialContext.java:89) > at org.jboss.as.naming.InitialContextFactory.getInitialContext(InitialContextFactory.java:43) > at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:684) > at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:313) > at javax.naming.InitialContext.init(InitialContext.java:244) > at javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:154) > at org.wildfly.security.auth.realm.ldap.SimpleDirContextFactoryBuilder$SimpleDirContextFactory.createDirContext(SimpleDirContextFactoryBuilder.java:286) > at org.wildfly.security.auth.realm.ldap.SimpleDirContextFactoryBuilder$SimpleDirContextFactory.obtainDirContext(SimpleDirContextFactoryBuilder.java:222) > at org.wildfly.extension.elytron.DirContextDefinition.lambda$null$0(DirContextDefinition.java:148) > at org.wildfly.security.keystore.LdapKeyStoreSpi.obtainDirContext(LdapKeyStoreSpi.java:120) > ... 16 more > java.lang.ClassNotFoundException: com.sun.jndi.ldap.LdapCtxFactory from [Module "org.wildfly.extension.elytron:main" from local module loader @77a57272 (finder: local module finder @7181ae3f (roots: /home/jkalina/wildfly/wildfly/build/target/wildfly-11.0.0.Alpha1-SNAPSHOT/modules,/home/jkalina/wildfly/wildfly/build/target/wildfly-11.0.0.Alpha1-SNAPSHOT/modules/system/layers/base))] > at org.jboss.modules.ModuleClassLoader.findClass(ModuleClassLoader.java:199) > at org.jboss.modules.ConcurrentClassLoader.performLoadClassUnchecked(ConcurrentClassLoader.java:364) > at org.jboss.modules.ConcurrentClassLoader.performLoadClass(ConcurrentClassLoader.java:352) > at org.jboss.modules.ConcurrentClassLoader.loadClass(ConcurrentClassLoader.java:94) > at java.lang.Class.forName0(Native Method) > at java.lang.Class.forName(Class.java:348) > at org.jboss.as.naming.InitialContext.getDefaultInitCtx(InitialContext.java:113) > ... 28 more > {code} > Direct key-store aliases listing using works ok: > {code:java} > /subsystem=elytron/ldap-key-store=LKS1/:read-children-names(child-type=alias) > {code} -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 3 months

1
0
0 / 0

[JBoss JIRA] (WFLY-7278) Unable to load LdapCtxFactory from elytron module

by Jan Kalina (JIRA)

[ https://issues.jboss.org/browse/WFLY-7278?page=com.atlassian.jira.plugin.... ] Jan Kalina updated WFLY-7278: ----------------------------- Summary: Unable to load LdapCtxFactory from elytron module (was: Unable to load ) > Unable to load LdapCtxFactory from elytron module > ------------------------------------------------- > > Key: WFLY-7278 > URL: https://issues.jboss.org/browse/WFLY-7278 > Project: WildFly > Issue Type: Bug > Components: Security > Reporter: Jan Kalina > Assignee: Jan Kalina > > When *ldap-key-store* is used in *trust-manager*, trust-manager creation fails: > {code:java} > Caused by: javax.naming.NamingException: WFLYNAM0027: Failed instantiate InitialContextFactory com.sun.jndi.ldap.LdapCtxFactory from classloader ModuleClassLoader for Module "org.wildfly.extension.elytron:main" from local module loader @77a57272 (finder: local module finder @7181ae3f (roots: /home/jkalina/wildfly/wildfly/build/target/wildfly-11.0.0.Alpha1-SNAPSHOT/modules,/home/jkalina/wildfly/wildfly/build/target/wildfly-11.0.0.Alpha1-SNAPSHOT/modules/system/layers/base)) [Root exception is java.lang.ClassNotFoundException: com.sun.jndi.ldap.LdapCtxFactory from [Module "org.wildfly.extension.elytron:main" from local module loader @77a57272 (finder: local module finder @7181ae3f (roots: /home/jkalina/wildfly/wildfly/build/target/wildfly-11.0.0.Alpha1-SNAPSHOT/modules,/home/jkalina/wildfly/wildfly/build/target/wildfly-11.0.0.Alpha1-SNAPSHOT/modules/system/layers/base))]] > at org.jboss.as.naming.InitialContext.getDefaultInitCtx(InitialContext.java:118) > at org.jboss.as.naming.InitialContext.init(InitialContext.java:99) > at javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:154) > at org.jboss.as.naming.InitialContext.<init>(InitialContext.java:89) > at org.jboss.as.naming.InitialContextFactory.getInitialContext(InitialContextFactory.java:43) > at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:684) > at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:313) > at javax.naming.InitialContext.init(InitialContext.java:244) > at javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:154) > at org.wildfly.security.auth.realm.ldap.SimpleDirContextFactoryBuilder$SimpleDirContextFactory.createDirContext(SimpleDirContextFactoryBuilder.java:286) > at org.wildfly.security.auth.realm.ldap.SimpleDirContextFactoryBuilder$SimpleDirContextFactory.obtainDirContext(SimpleDirContextFactoryBuilder.java:222) > at org.wildfly.extension.elytron.DirContextDefinition.lambda$null$0(DirContextDefinition.java:148) > at org.wildfly.security.keystore.LdapKeyStoreSpi.obtainDirContext(LdapKeyStoreSpi.java:120) > ... 16 more > java.lang.ClassNotFoundException: com.sun.jndi.ldap.LdapCtxFactory from [Module "org.wildfly.extension.elytron:main" from local module loader @77a57272 (finder: local module finder @7181ae3f (roots: /home/jkalina/wildfly/wildfly/build/target/wildfly-11.0.0.Alpha1-SNAPSHOT/modules,/home/jkalina/wildfly/wildfly/build/target/wildfly-11.0.0.Alpha1-SNAPSHOT/modules/system/layers/base))] > at org.jboss.modules.ModuleClassLoader.findClass(ModuleClassLoader.java:199) > at org.jboss.modules.ConcurrentClassLoader.performLoadClassUnchecked(ConcurrentClassLoader.java:364) > at org.jboss.modules.ConcurrentClassLoader.performLoadClass(ConcurrentClassLoader.java:352) > at org.jboss.modules.ConcurrentClassLoader.loadClass(ConcurrentClassLoader.java:94) > at java.lang.Class.forName0(Native Method) > at java.lang.Class.forName(Class.java:348) > at org.jboss.as.naming.InitialContext.getDefaultInitCtx(InitialContext.java:113) > ... 28 more > {code} > Direct key-store aliases listing using works ok: > {code:java} > /subsystem=elytron/ldap-key-store=LKS1/:read-children-names(child-type=alias) > {code} -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 3 months

1
0
0 / 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira October 2016