[JBoss JIRA] (WFCORE-1992) CLI inconsistently parse {} in another object as UNDEFINED
by Jan Kalina (JIRA)
[ https://issues.jboss.org/browse/WFCORE-1992?page=com.atlassian.jira.plugi... ]
Jan Kalina updated WFCORE-1992:
-------------------------------
Priority: Minor (was: Major)
> CLI inconsistently parse {} in another object as UNDEFINED
> ----------------------------------------------------------
>
> Key: WFCORE-1992
> URL: https://issues.jboss.org/browse/WFCORE-1992
> Project: WildFly Core
> Issue Type: Bug
> Components: CLI
> Reporter: Jan Kalina
> Priority: Minor
>
> CLI interprets
> {code:java}
> /subsystem=elytron/properties-realm=realm:add(users-properties={path=$SOME_PATH},groups-properties={})
> {code}
> with *groups-properties=OBJECT{}* in input of performRuntime() of ADD operation.
> But if the {} is inside of another object, it gives *otp-credential-mapper=UNDEFINED* instead...
> {code:java}
> /subsystem=elytron/ldap-realm=ldap-realm8:add(dir-context=local-ldap,identity-mapping={rdn-identifier=uid,otp-credential-mapper={}})
> {code}
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years, 8 months
[JBoss JIRA] (WFLY-7437) Inconsistencies in otp-credential-mapper attribute of Elytron ldap-realm
by Jan Kalina (JIRA)
[ https://issues.jboss.org/browse/WFLY-7437?page=com.atlassian.jira.plugin.... ]
Jan Kalina edited comment on WFLY-7437 at 11/15/16 9:39 AM:
------------------------------------------------------------
The second problem reported as problem of CLI: WFCORE-1992
was (Author: honza889):
The second problem reported as problem of CLI.
> Inconsistencies in otp-credential-mapper attribute of Elytron ldap-realm
> ------------------------------------------------------------------------
>
> Key: WFLY-7437
> URL: https://issues.jboss.org/browse/WFLY-7437
> Project: WildFly
> Issue Type: Bug
> Components: Security
> Affects Versions: 11.0.0.Alpha1
> Reporter: Ondrej Lukas
> Assignee: Jan Kalina
> Priority: Minor
> Labels: user_experience
>
> Attribute {{identity-mapping.otp-credential-mapper}} from Elytron ldap-realm should include Object which should contain four required attributes - algorithm-from, hash-from, seed-from, sequence-from. All of these attributes are set as nillable=false.
> However CLI allows to run command where otp-credential-mapper attribute is added without any attributes which is inconsistent with their nillable=false. See following command:
> {code}
> /subsystem=elytron/ldap-realm=ldap-realm:add(dir-context=ldap,identity-mapping={rdn-identifier=uid,otp-credential-mapper={}})
> {code}
> Moreover, this command results to configuration xml without any otp-credential-mapper:
> {code}
> <ldap-realm name="ldap-realm" dir-context="ldap">
> <identity-mapping rdn-identifier="uid"/>
> </ldap-realm>
> {code}
> In case when at least one of otp-credential-mapper required attribute is added, then CLI command correctly fails:
> {code}
> /subsystem=elytron/ldap-realm=ldap-realm:add(dir-context=ldap,identity-mapping={rdn-identifier=uid,otp-credential-mapper={algorithm-from=atr}})
> {
> "outcome" => "failed",
> "failure-description" => "WFLYCTL0155: hash-from may not be null",
> "rolled-back" => true
> }
> {code}
> Suggestion:
> Do not allow to add {{identity-mapping.otp-credential-mapper}} without required attributes.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years, 8 months
[JBoss JIRA] (WFLY-7437) Inconsistencies in otp-credential-mapper attribute of Elytron ldap-realm
by Jan Kalina (JIRA)
[ https://issues.jboss.org/browse/WFLY-7437?page=com.atlassian.jira.plugin.... ]
Jan Kalina commented on WFLY-7437:
----------------------------------
The second problem reported as problem of CLI.
> Inconsistencies in otp-credential-mapper attribute of Elytron ldap-realm
> ------------------------------------------------------------------------
>
> Key: WFLY-7437
> URL: https://issues.jboss.org/browse/WFLY-7437
> Project: WildFly
> Issue Type: Bug
> Components: Security
> Affects Versions: 11.0.0.Alpha1
> Reporter: Ondrej Lukas
> Assignee: Jan Kalina
> Priority: Minor
> Labels: user_experience
>
> Attribute {{identity-mapping.otp-credential-mapper}} from Elytron ldap-realm should include Object which should contain four required attributes - algorithm-from, hash-from, seed-from, sequence-from. All of these attributes are set as nillable=false.
> However CLI allows to run command where otp-credential-mapper attribute is added without any attributes which is inconsistent with their nillable=false. See following command:
> {code}
> /subsystem=elytron/ldap-realm=ldap-realm:add(dir-context=ldap,identity-mapping={rdn-identifier=uid,otp-credential-mapper={}})
> {code}
> Moreover, this command results to configuration xml without any otp-credential-mapper:
> {code}
> <ldap-realm name="ldap-realm" dir-context="ldap">
> <identity-mapping rdn-identifier="uid"/>
> </ldap-realm>
> {code}
> In case when at least one of otp-credential-mapper required attribute is added, then CLI command correctly fails:
> {code}
> /subsystem=elytron/ldap-realm=ldap-realm:add(dir-context=ldap,identity-mapping={rdn-identifier=uid,otp-credential-mapper={algorithm-from=atr}})
> {
> "outcome" => "failed",
> "failure-description" => "WFLYCTL0155: hash-from may not be null",
> "rolled-back" => true
> }
> {code}
> Suggestion:
> Do not allow to add {{identity-mapping.otp-credential-mapper}} without required attributes.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years, 8 months
[JBoss JIRA] (WFCORE-1992) CLI inconsistently parse {} in another object as UNDEFINED
by Jan Kalina (JIRA)
[ https://issues.jboss.org/browse/WFCORE-1992?page=com.atlassian.jira.plugi... ]
Jan Kalina updated WFCORE-1992:
-------------------------------
Summary: CLI inconsistently parse {} in another object as UNDEFINED (was: CLI parsing of {} inside of another object)
> CLI inconsistently parse {} in another object as UNDEFINED
> ----------------------------------------------------------
>
> Key: WFCORE-1992
> URL: https://issues.jboss.org/browse/WFCORE-1992
> Project: WildFly Core
> Issue Type: Bug
> Components: CLI
> Reporter: Jan Kalina
>
> CLI interprets
> {code:java}
> /subsystem=elytron/properties-realm=realm:add(users-properties={path=$SOME_PATH},groups-properties={})
> {code}
> with *groups-properties=OBJECT{}* in input of performRuntime() of ADD operation.
> But if the {} is inside of another object, it gives *otp-credential-mapper=UNDEFINED* instead...
> {code:java}
> /subsystem=elytron/ldap-realm=ldap-realm8:add(dir-context=local-ldap,identity-mapping={rdn-identifier=uid,otp-credential-mapper={}})
> {code}
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years, 8 months
[JBoss JIRA] (WFCORE-1992) CLI parsing of {} inside of another object
by Jan Kalina (JIRA)
[ https://issues.jboss.org/browse/WFCORE-1992?page=com.atlassian.jira.plugi... ]
Jan Kalina updated WFCORE-1992:
-------------------------------
Description:
CLI interprets
{code:java}
/subsystem=elytron/properties-realm=realm:add(users-properties={path=$SOME_PATH},groups-properties={})
{code}
with *groups-properties=OBJECT{}* in input of performRuntime()
But if the {} is inside of another object, it gives *otp-credential-mapper=UNDEFINED* instead...
{code:java}
/subsystem=elytron/ldap-realm=ldap-realm8:add(dir-context=local-ldap,identity-mapping={rdn-identifier=uid,otp-credential-mapper={}})
{code}
was:
CLI interprets
{code:java}
/subsystem=elytron/properties-realm=realm:add(users-properties={path=$SOME_PATH},groups-properties={})
{code}
as *groups-properties=OBJECT{}* in input of performRuntime()
But if the {} is inside of another object, it gives *UNDEFINED* instead...
{code:java}
/subsystem=elytron/ldap-realm=ldap-realm8:add(dir-context=local-ldap,identity-mapping={rdn-identifier=uid,otp-credential-mapper={}})
{code}
> CLI parsing of {} inside of another object
> ------------------------------------------
>
> Key: WFCORE-1992
> URL: https://issues.jboss.org/browse/WFCORE-1992
> Project: WildFly Core
> Issue Type: Bug
> Components: CLI
> Reporter: Jan Kalina
>
> CLI interprets
> {code:java}
> /subsystem=elytron/properties-realm=realm:add(users-properties={path=$SOME_PATH},groups-properties={})
> {code}
> with *groups-properties=OBJECT{}* in input of performRuntime()
> But if the {} is inside of another object, it gives *otp-credential-mapper=UNDEFINED* instead...
> {code:java}
> /subsystem=elytron/ldap-realm=ldap-realm8:add(dir-context=local-ldap,identity-mapping={rdn-identifier=uid,otp-credential-mapper={}})
> {code}
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years, 8 months
[JBoss JIRA] (WFCORE-1992) CLI parsing of {} inside of another object
by Jan Kalina (JIRA)
[ https://issues.jboss.org/browse/WFCORE-1992?page=com.atlassian.jira.plugi... ]
Jan Kalina updated WFCORE-1992:
-------------------------------
Description:
CLI interprets
{code:java}
/subsystem=elytron/properties-realm=realm:add(users-properties={path=$SOME_PATH},groups-properties={})
{code}
with *groups-properties=OBJECT{}* in input of performRuntime() of ADD operation.
But if the {} is inside of another object, it gives *otp-credential-mapper=UNDEFINED* instead...
{code:java}
/subsystem=elytron/ldap-realm=ldap-realm8:add(dir-context=local-ldap,identity-mapping={rdn-identifier=uid,otp-credential-mapper={}})
{code}
was:
CLI interprets
{code:java}
/subsystem=elytron/properties-realm=realm:add(users-properties={path=$SOME_PATH},groups-properties={})
{code}
with *groups-properties=OBJECT{}* in input of performRuntime()
But if the {} is inside of another object, it gives *otp-credential-mapper=UNDEFINED* instead...
{code:java}
/subsystem=elytron/ldap-realm=ldap-realm8:add(dir-context=local-ldap,identity-mapping={rdn-identifier=uid,otp-credential-mapper={}})
{code}
> CLI parsing of {} inside of another object
> ------------------------------------------
>
> Key: WFCORE-1992
> URL: https://issues.jboss.org/browse/WFCORE-1992
> Project: WildFly Core
> Issue Type: Bug
> Components: CLI
> Reporter: Jan Kalina
>
> CLI interprets
> {code:java}
> /subsystem=elytron/properties-realm=realm:add(users-properties={path=$SOME_PATH},groups-properties={})
> {code}
> with *groups-properties=OBJECT{}* in input of performRuntime() of ADD operation.
> But if the {} is inside of another object, it gives *otp-credential-mapper=UNDEFINED* instead...
> {code:java}
> /subsystem=elytron/ldap-realm=ldap-realm8:add(dir-context=local-ldap,identity-mapping={rdn-identifier=uid,otp-credential-mapper={}})
> {code}
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years, 8 months
[JBoss JIRA] (WFCORE-1992) CLI parsing of {} inside of another object
by Jan Kalina (JIRA)
Jan Kalina created WFCORE-1992:
----------------------------------
Summary: CLI parsing of {} inside of another object
Key: WFCORE-1992
URL: https://issues.jboss.org/browse/WFCORE-1992
Project: WildFly Core
Issue Type: Bug
Components: CLI
Reporter: Jan Kalina
CLI interprets
{code:java}
/subsystem=elytron/properties-realm=realm:add(users-properties={path=$SOME_PATH},groups-properties={})
{code}
as *groups-properties=OBJECT{}* in input of performRuntime()
But if the {} is inside of another object, it gives *UNDEFINED* instead...
{code:java}
/subsystem=elytron/ldap-realm=ldap-realm8:add(dir-context=local-ldap,identity-mapping={rdn-identifier=uid,otp-credential-mapper={}})
{code}
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years, 8 months
[JBoss JIRA] (WFLY-7584) User should be able to specify only one password type for Elytron filesystem-realm identity
by David Lloyd (JIRA)
[ https://issues.jboss.org/browse/WFLY-7584?page=com.atlassian.jira.plugin.... ]
David Lloyd commented on WFLY-7584:
-----------------------------------
Actually it is supposed to support multiple credentials... so a user can have (for example) a DIGEST-MD5 hashed password plus a SCRAM-SHA-256 hashed password. But yes discarding the subsequent passwords is definitely wrong.
> User should be able to specify only one password type for Elytron filesystem-realm identity
> -------------------------------------------------------------------------------------------
>
> Key: WFLY-7584
> URL: https://issues.jboss.org/browse/WFLY-7584
> Project: WildFly
> Issue Type: Bug
> Components: Security
> Affects Versions: 11.0.0.Alpha1
> Reporter: Ondrej Lukas
> Assignee: Darran Lofthouse
> Labels: user_experience
>
> It is possible to specify more types of password encryption/hash mechanism in {{set-password}} operation of filesystem-realm identity. When this happens then first password encryption/hash mechanism is correctly used, but the rest of them is discarded. However it make sense to have set only one password encryption/hash mechanism for identity. It can be confusing to allow CLI command with more types of password encryption/hash mechanism specified.
> Suggestion for improvement:
> Disallow to use set-password operation with more than one password encryption/hash mechanism.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years, 8 months
[JBoss JIRA] (LOGTOOL-115) Ambiguous import problem with conflicting class name
by David Lloyd (JIRA)
[ https://issues.jboss.org/browse/LOGTOOL-115?page=com.atlassian.jira.plugi... ]
David Lloyd commented on LOGTOOL-115:
-------------------------------------
It looks like the generated class actually imported the one which was qualified in the interface, instead of the one that was imported by the interface. This doesn't really affect the cause or solution but might help to make sense of the error.
> Ambiguous import problem with conflicting class name
> ----------------------------------------------------
>
> Key: LOGTOOL-115
> URL: https://issues.jboss.org/browse/LOGTOOL-115
> Project: Log Tool
> Issue Type: Bug
> Affects Versions: 2.0.1.Final
> Reporter: David Lloyd
> Priority: Blocker
>
> If I have two classes with the same simple name in the logging interface, and a single method uses both of them, the generated class fails to qualify one of them, resulting in compilation errors like this:
> {noformat}
> [ERROR] /home/david/src/java/wildfly-naming/target/generated-sources/annotations/org/wildfly/naming/client/_private/Messages_$logger.java:[35,8] org.wildfly.naming.client._private.Messages_$logger is not abstract and does not override abstract method authenticationFailed(org.wildfly.security.auth.AuthenticationException) in org.wildfly.naming.client._private.Messages
> [ERROR] /home/david/src/java/wildfly-naming/target/generated-sources/annotations/org/wildfly/naming/client/_private/Messages_$logger.java:[403,5] method does not override or implement a method from a supertype
> {noformat}
> The source looks like this:
> {code}
> // ...
> import org.wildfly.security.auth.AuthenticationException;
> // ...
> @MessageLogger(projectCode = "WFNAM", length = 5)
> public interface Messages extends BasicLogger {
> // ...
> @Message(id = 32, value = "Peer authentication failed")
> javax.naming.AuthenticationException authenticationFailed(@Cause AuthenticationException cause);
> // ...
> {code}
> The generated code is:
> {code}
> private static final String authenticationFailed = "WFNAM00032: Peer authentication failed";
> protected String authenticationFailed$str() {
> return authenticationFailed;
> }
> @Override
> public final AuthenticationException authenticationFailed(final AuthenticationException cause) { // XXX This is a problem line; return type is not qualified
> final AuthenticationException result = new AuthenticationException(String.format(authenticationFailed$str())); // XXX and this type and constructor are also not qualified
> result.initCause(cause);
> final StackTraceElement[] st = result.getStackTrace();
> result.setStackTrace(Arrays.copyOfRange(st, 1, st.length));
> return result;
> }
> {code}
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years, 8 months
[JBoss JIRA] (LOGTOOL-115) Ambiguous import problem with conflicting class name
by David Lloyd (JIRA)
David Lloyd created LOGTOOL-115:
-----------------------------------
Summary: Ambiguous import problem with conflicting class name
Key: LOGTOOL-115
URL: https://issues.jboss.org/browse/LOGTOOL-115
Project: Log Tool
Issue Type: Bug
Affects Versions: 2.0.1.Final
Reporter: David Lloyd
Priority: Blocker
If I have two classes with the same simple name in the logging interface, and a single method uses both of them, the generated class fails to qualify one of them, resulting in compilation errors like this:
{noformat}
[ERROR] /home/david/src/java/wildfly-naming/target/generated-sources/annotations/org/wildfly/naming/client/_private/Messages_$logger.java:[35,8] org.wildfly.naming.client._private.Messages_$logger is not abstract and does not override abstract method authenticationFailed(org.wildfly.security.auth.AuthenticationException) in org.wildfly.naming.client._private.Messages
[ERROR] /home/david/src/java/wildfly-naming/target/generated-sources/annotations/org/wildfly/naming/client/_private/Messages_$logger.java:[403,5] method does not override or implement a method from a supertype
{noformat}
The source looks like this:
{code}
// ...
import org.wildfly.security.auth.AuthenticationException;
// ...
@MessageLogger(projectCode = "WFNAM", length = 5)
public interface Messages extends BasicLogger {
// ...
@Message(id = 32, value = "Peer authentication failed")
javax.naming.AuthenticationException authenticationFailed(@Cause AuthenticationException cause);
// ...
{code}
The generated code is:
{code}
private static final String authenticationFailed = "WFNAM00032: Peer authentication failed";
protected String authenticationFailed$str() {
return authenticationFailed;
}
@Override
public final AuthenticationException authenticationFailed(final AuthenticationException cause) { // XXX This is a problem line; return type is not qualified
final AuthenticationException result = new AuthenticationException(String.format(authenticationFailed$str())); // XXX and this type and constructor are also not qualified
result.initCause(cause);
final StackTraceElement[] st = result.getStackTrace();
result.setStackTrace(Arrays.copyOfRange(st, 1, st.length));
return result;
}
{code}
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years, 8 months