[JBoss JIRA] (WFLY-7448) Wrong description of Elytron configurable-sasl-server-factory in CLI
by Ondrej Lukas (JIRA)
Ondrej Lukas created WFLY-7448:
----------------------------------
Summary: Wrong description of Elytron configurable-sasl-server-factory in CLI
Key: WFLY-7448
URL: https://issues.jboss.org/browse/WFLY-7448
Project: WildFly
Issue Type: Bug
Components: Security
Reporter: Ondrej Lukas
Assignee: Darran Lofthouse
Priority: Minor
Description of {{configurable-sasl-server-factory}} resource in CLI is incorrectly copied from {{aggregate-sasl-server-factory}}. It says "description" => "A sasl server factory definition where the sasl server factory is an aggregation of other sasl server factories.".
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years, 8 months
[JBoss JIRA] (WFLY-7268) Elytron jdbc-realm *-index attributes validation
by Martin Choma (JIRA)
[ https://issues.jboss.org/browse/WFLY-7268?page=com.atlassian.jira.plugin.... ]
Martin Choma updated WFLY-7268:
-------------------------------
Labels: user_experience (was: )
> Elytron jdbc-realm *-index attributes validation
> ------------------------------------------------
>
> Key: WFLY-7268
> URL: https://issues.jboss.org/browse/WFLY-7268
> Project: WildFly
> Issue Type: Bug
> Components: Security
> Reporter: Martin Choma
> Assignee: Ilia Vassilev
> Priority: Minor
> Labels: user_experience
>
> If I try to set any of password mapper (e.g. {{clear-password-mapper}}) and any of *-index attribute (e.g. {{password-index}}) with 0 value I get error from elytron
> {code}
> [standalone@localhost:9990 /] /subsystem=elytron/jdbc-realm=d:add(principal-query=[{sql="a",data-source="ExampleDS", bcrypt-mapper={password-index=0, salt-index=1, iteration-count-index=2}}])
> {
> "outcome" => "failed",
> "failure-description" => "WFLYCTL0158: Operation handler failed: java.lang.IllegalArgumentException: COM00001: Parameter 'hashColumn' must not be less than 1",
> "rolled-back" => true
> }
> {code}
> and exception in server log
> {code}
> 07:16:47,608 ERROR [org.jboss.as.controller.management-operation] (management-handler-thread - 8) WFLYCTL0013: Operation ("add") failed - address: ([
> ("subsystem" => "elytron"),
> ("jdbc-realm" => "b")
> ]): java.lang.IllegalArgumentException: COM00001: Parameter 'hashColumn' must not be less than 1
> at org.wildfly.common.Assert.checkMinimumParameter(Assert.java:132)
> at org.wildfly.security.auth.realm.jdbc.mapper.PasswordKeyMapper.<init>(PasswordKeyMapper.java:63)
> at org.wildfly.security.auth.realm.jdbc.mapper.PasswordKeyMapper$Builder.build(PasswordKeyMapper.java:389)
> at org.wildfly.extension.elytron.JdbcRealmDefinition$ClearPasswordObjectDefinition.toPasswordKeyMapper(JdbcRealmDefinition.java:133)
> at org.wildfly.extension.elytron.JdbcRealmDefinition$RealmAddHandler.resolveKeyMappers(JdbcRealmDefinition.java:571)
> at org.wildfly.extension.elytron.JdbcRealmDefinition$RealmAddHandler.performRuntime(JdbcRealmDefinition.java:534)
> at org.jboss.as.controller.AbstractAddStepHandler.performRuntime(AbstractAddStepHandler.java:337)
> at org.jboss.as.controller.AbstractAddStepHandler$1.execute(AbstractAddStepHandler.java:151)
> at org.jboss.as.controller.AbstractOperationContext.executeStep(AbstractOperationContext.java:940)
> at org.jboss.as.controller.AbstractOperationContext.processStages(AbstractOperationContext.java:683)
> at org.jboss.as.controller.AbstractOperationContext.executeOperation(AbstractOperationContext.java:382)
> at org.jboss.as.controller.OperationContextImpl.executeOperation(OperationContextImpl.java:1363)
> at org.jboss.as.controller.ModelControllerImpl.internalExecute(ModelControllerImpl.java:410)
> at org.jboss.as.controller.ModelControllerImpl.execute(ModelControllerImpl.java:232)
> at org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler.doExecute(ModelControllerClientOperationHandler.java:213)
> at org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler.access$300(ModelControllerClientOperationHandler.java:136)
> at org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler$1$1.run(ModelControllerClientOperationHandler.java:157)
> at org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler$1$1.run(ModelControllerClientOperationHandler.java:153)
> at java.security.AccessController.doPrivileged(Native Method)
> at javax.security.auth.Subject.doAs(Subject.java:422)
> at org.jboss.as.controller.AccessAuditContext.doAs(AccessAuditContext.java:149)
> at org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler$1.execute(ModelControllerClientOperationHandler.java:153)
> at org.jboss.as.protocol.mgmt.ManagementRequestContextImpl$1.doExecute(ManagementRequestContextImpl.java:70)
> at org.jboss.as.protocol.mgmt.ManagementRequestContextImpl$AsyncTaskRunner.run(ManagementRequestContextImpl.java:160)
> at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
> at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
> at java.lang.Thread.run(Thread.java:745)
> at org.jboss.threads.JBossThread.run(JBossThread.java:320)
> {code}
> Could that be validated in subsystem? There would be 2 benefits:
> * no exception is thrown in log. Exception seems like something suprised us.
> * message contains more proper attribute name, e.g. hashColumn -> password-index.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years, 8 months
[JBoss JIRA] (WFLY-7272) Elytron attribute-mapping index validation
by Martin Choma (JIRA)
[ https://issues.jboss.org/browse/WFLY-7272?page=com.atlassian.jira.plugin.... ]
Martin Choma updated WFLY-7272:
-------------------------------
Labels: user_experience (was: )
> Elytron attribute-mapping index validation
> ------------------------------------------
>
> Key: WFLY-7272
> URL: https://issues.jboss.org/browse/WFLY-7272
> Project: WildFly
> Issue Type: Bug
> Components: Security
> Reporter: Martin Choma
> Assignee: Ilia Vassilev
> Labels: user_experience
>
> To be consistent with other *-index attributes in jdbc-realm. Please, introduce model validation for attribute {{index}} of {{attribute-mapping}} element, as valid values are 1..maxint . Such validation could be useful also in elytron project, as elytron can be used without subsystem.
> Elytron subsystem allows to user to set value 0. Such configured jdbc-realm throws error in runtime.
> {code}
> 17:15:44,546 ERROR [io.undertow.request] (default task-2) UT005023: Exception handling request to /secured-webapp/index.jsp: java.lang.RuntimeException: ELY01052: Unexpected error when processing authentication query "SELECT password,roles FROM test.wildfly_users WHERE username=?"
> at org.wildfly.security.auth.realm.jdbc.JdbcSecurityRealm$JdbcRealmIdentity.executePrincipalQuery(JdbcSecurityRealm.java:264)
> at org.wildfly.security.auth.realm.jdbc.JdbcSecurityRealm$JdbcRealmIdentity.lambda$getIdentity$2(JdbcSecurityRealm.java:202)
> at java.util.stream.ReferencePipeline$3$1.accept(ReferencePipeline.java:193)
> at java.util.ArrayList$ArrayListSpliterator.forEachRemaining(ArrayList.java:1374)
> at java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:481)
> at java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:471)
> at java.util.stream.ReduceOps$ReduceOp.evaluateSequential(ReduceOps.java:708)
> at java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234)
> at java.util.stream.ReferencePipeline.collect(ReferencePipeline.java:499)
> at org.wildfly.security.auth.realm.jdbc.JdbcSecurityRealm$JdbcRealmIdentity.getIdentity(JdbcSecurityRealm.java:224)
> at org.wildfly.security.auth.realm.jdbc.JdbcSecurityRealm$JdbcRealmIdentity.exists(JdbcSecurityRealm.java:188)
> at org.wildfly.security.auth.server.ServerAuthenticationContext$NameAssignedState.doAuthorization(ServerAuthenticationContext.java:1583)
> at org.wildfly.security.auth.server.ServerAuthenticationContext$NameAssignedState.authorize(ServerAuthenticationContext.java:1608)
> at org.wildfly.security.auth.server.ServerAuthenticationContext.authorize(ServerAuthenticationContext.java:466)
> at org.wildfly.security.auth.server.ServerAuthenticationContext.authorize(ServerAuthenticationContext.java:461)
> at org.wildfly.security.auth.server.ServerAuthenticationContext$1.handleOne(ServerAuthenticationContext.java:724)
> at org.wildfly.security.auth.server.ServerAuthenticationContext$1.handle(ServerAuthenticationContext.java:703)
> at org.wildfly.security.http.util.SecurityIdentityServerMechanismFactory$SecurityIdentityCallbackHandler.handle(SecurityIdentityServerMechanismFactory.java:113)
> at org.wildfly.security.http.impl.UsernamePasswordAuthenticationMechanism.authorize(UsernamePasswordAuthenticationMechanism.java:85)
> at org.wildfly.security.http.impl.BasicAuthenticationMechanism.evaluateRequest(BasicAuthenticationMechanism.java:152)
> at org.wildfly.security.http.util.SetMechanismInformationMechanismFactory$1.evaluateRequest(SetMechanismInformationMechanismFactory.java:115)
> at org.wildfly.security.http.util.SecurityIdentityServerMechanismFactory$1.evaluateRequest(SecurityIdentityServerMechanismFactory.java:77)
> at org.wildfly.security.http.HttpAuthenticator$AuthenticationExchange.authenticate(HttpAuthenticator.java:106)
> at org.wildfly.security.http.HttpAuthenticator$AuthenticationExchange.access$100(HttpAuthenticator.java:90)
> at org.wildfly.security.http.HttpAuthenticator.authenticate(HttpAuthenticator.java:74)
> at org.wildfly.elytron.web.undertow.server.SecurityContextImpl.authenticate(SecurityContextImpl.java:82)
> at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:55)
> at io.undertow.server.handlers.DisableCacheHandler.handleRequest(DisableCacheHandler.java:33)
> at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
> at io.undertow.security.handlers.AuthenticationConstraintHandler.handleRequest(AuthenticationConstraintHandler.java:53)
> at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46)
> at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64)
> at io.undertow.servlet.handlers.security.ServletSecurityConstraintHandler.handleRequest(ServletSecurityConstraintHandler.java:59)
> at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43)
> at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
> at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
> at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:292)
> at io.undertow.servlet.handlers.ServletInitialHandler.access$100(ServletInitialHandler.java:81)
> at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:138)
> at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:135)
> at io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:48)
> at io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43)
> at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1671)
> at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1671)
> at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1671)
> at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1671)
> at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:272)
> at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81)
> at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:104)
> at io.undertow.server.Connectors.executeRootHandler(Connectors.java:207)
> at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:810)
> at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
> at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
> at java.lang.Thread.run(Thread.java:745)
> Caused by: java.lang.RuntimeException: ELY01079: Ldap-backed realm failed to obtain attributes for entry [user1]
> at org.wildfly.security.auth.realm.jdbc.JdbcSecurityRealm$JdbcRealmIdentity.lambda$null$0(JdbcSecurityRealm.java:215)
> at java.util.ArrayList.forEach(ArrayList.java:1249)
> at org.wildfly.security.auth.realm.jdbc.JdbcSecurityRealm$JdbcRealmIdentity.lambda$null$1(JdbcSecurityRealm.java:207)
> at org.wildfly.security.auth.realm.jdbc.JdbcSecurityRealm$JdbcRealmIdentity.executePrincipalQuery(JdbcSecurityRealm.java:259)
> ... 53 more
> Caused by: org.postgresql.util.PSQLException: The column index is out of range: 0, number of columns: 2.
> at org.postgresql.jdbc.PgResultSet.checkColumnIndex(PgResultSet.java:2754)
> at org.postgresql.jdbc.PgResultSet.checkResultSet(PgResultSet.java:2774)
> at org.postgresql.jdbc.PgResultSet.getString(PgResultSet.java:1881)
> at org.jboss.jca.adapters.jdbc.WrappedResultSet.getString(WrappedResultSet.java:1954)
> at org.wildfly.security.auth.realm.jdbc.mapper.AttributeMapper.map(AttributeMapper.java:40)
> at org.wildfly.security.auth.realm.jdbc.JdbcSecurityRealm$JdbcRealmIdentity.lambda$null$0(JdbcSecurityRealm.java:209)
> ... 56 more
> {code}
> Also, there is wrong exception message "ELY01079: Ldap-backed realm failed to obtain attributes for entry [user1]" . Apparently should be "Jdbc realm".
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years, 8 months
[JBoss JIRA] (WFLY-7287) User should be able to specify only one password mapper in jdbc-realm resource
by Martin Choma (JIRA)
[ https://issues.jboss.org/browse/WFLY-7287?page=com.atlassian.jira.plugin.... ]
Martin Choma updated WFLY-7287:
-------------------------------
Labels: user_experience (was: )
> User should be able to specify only one password mapper in jdbc-realm resource
> ------------------------------------------------------------------------------
>
> Key: WFLY-7287
> URL: https://issues.jboss.org/browse/WFLY-7287
> Project: WildFly
> Issue Type: Bug
> Components: Security
> Affects Versions: 11.0.0.Alpha1
> Reporter: Martin Choma
> Assignee: Pedro Igor
> Priority: Minor
> Labels: user_experience
>
> It is possible to specify in {{principal-query}} all of {{clear-password-mapper}}, {{bcrypt-mapper}}, {{simple-digest-mapper}}, {{salted-simple-digest-mapper}}, {{scram-mapper}} at one moment. But, in fact, specifying only one mapper per principal query make sense. Change model/subsystem , that only adding on password mapper at a moment is allowed.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years, 8 months
[JBoss JIRA] (WFLY-7317) Elytron ldap-key-store DMR XSD inconsistency
by Martin Choma (JIRA)
[ https://issues.jboss.org/browse/WFLY-7317?page=com.atlassian.jira.plugin.... ]
Martin Choma updated WFLY-7317:
-------------------------------
Labels: user_experience (was: )
> Elytron ldap-key-store DMR XSD inconsistency
> ---------------------------------------------
>
> Key: WFLY-7317
> URL: https://issues.jboss.org/browse/WFLY-7317
> Project: WildFly
> Issue Type: Bug
> Components: Security
> Affects Versions: 11.0.0.Alpha1
> Reporter: Martin Choma
> Assignee: Jan Kalina
> Labels: user_experience
>
> * in XSD there are missing attributes {{key-attribute}} and {{key-type}}
> * in XSD {{value}} attribute of {{new-item-template}} is not a list type as in DMR
> * in DMR {{name}} in {{new-item-attributes}} is optional. In XSD it is marked as required. Should be required in DMR as well.
> * synchronize documenation of XSD and DMR. Documentation in XSD seems little bit detailed.
> * In {{certificate-type}} and {{certificate-attribute}} probably remove link to oracle java 8 documentation. I consider it usefull, but I see couple of maintaining issues. Link can change. Java 9 is comming and can have own enumaration. We also support IBM java. Just stating "For possible values see java documentation of CertificateFactory/CertPathEncodings" would be enough here
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years, 8 months
[JBoss JIRA] (WFLY-835) @Resource UserTransaction error when file passivation store is selected
by RH Bugzilla Integration (JIRA)
[ https://issues.jboss.org/browse/WFLY-835?page=com.atlassian.jira.plugin.s... ]
RH Bugzilla Integration commented on WFLY-835:
----------------------------------------------
Matej Novotny <manovotn(a)redhat.com> changed the Status of [bug 1235886|https://bugzilla.redhat.com/show_bug.cgi?id=1235886] from ON_QA to VERIFIED
> @Resource UserTransaction error when file passivation store is selected
> -----------------------------------------------------------------------
>
> Key: WFLY-835
> URL: https://issues.jboss.org/browse/WFLY-835
> Project: WildFly
> Issue Type: Bug
> Components: EJB
> Affects Versions: 9.0.0.CR2
> Environment: Ubuntu 11.10, Intel® Core™ i3-2120 CPU @ 3.30GHz × 4
> Reporter: Abraham Cabanillas Piera
> Assignee: Michael Musgrove
> Priority: Critical
> Labels: jboss
> Fix For: 11.0.0.Alpha1
>
> Attachments: serializationerr_server.log
>
>
> The following exception is launched when the server tries to passivate into the file passivation storage a stateful EJB session with UserTransaction injected as a resource:
> {noformat}
> [org.jboss.as.ejb3.cache.spi.impl.PassivateTask] (pool-10-thread-1) JBAS014538: Failed to passivate {[-36, 0, 14, -43, 72, 10, 76, -28, -105, -108, 24, 45, -70, -58, -48, -107]}: java.lang.RuntimeException: JBAS014538: Failed to passivate {[-36, 0, 14, -43, 72, 10, 76, -28, -105, -108, 24, 45, -70, -58, -48, -107]}
> at org.jboss.as.ejb3.cache.spi.impl.FilePersistentObjectStore.store(FilePersistentObjectStore.java:248) [jboss-as-ejb3-7.1.1.Final.jar:7.1.1.Final]
> at org.jboss.as.ejb3.cache.spi.impl.FilePersistentObjectStore.store(FilePersistentObjectStore.java:52) [jboss-as-ejb3-7.1.1.Final.jar:7.1.1.Final]
> at org.jboss.as.ejb3.cache.impl.backing.SimpleBackingCacheEntryStore.passivate(SimpleBackingCacheEntryStore.java:155) [jboss-as-ejb3-7.1.1.Final.jar:7.1.1.Final]
> at org.jboss.as.ejb3.cache.impl.backing.SerializationGroupMemberContainer.passivate(SerializationGroupMemberContainer.java:288) [jboss-as-ejb3-7.1.1.Final.jar:7.1.1.Final]
> at org.jboss.as.ejb3.cache.impl.backing.SerializationGroupMemberContainer.passivate(SerializationGroupMemberContainer.java:50) [jboss-as-ejb3-7.1.1.Final.jar:7.1.1.Final]
> at org.jboss.as.ejb3.cache.impl.backing.PassivatingBackingCacheImpl.passivate(PassivatingBackingCacheImpl.java:190) [jboss-as-ejb3-7.1.1.Final.jar:7.1.1.Final]
> at org.jboss.as.ejb3.cache.impl.backing.PassivatingBackingCacheImpl.passivate(PassivatingBackingCacheImpl.java:60) [jboss-as-ejb3-7.1.1.Final.jar:7.1.1.Final]
> at org.jboss.as.ejb3.cache.spi.impl.PassivateTask.run(PassivateTask.java:45) [jboss-as-ejb3-7.1.1.Final.jar:7.1.1.Final]
> at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471) [rt.jar:1.7.0_13]
> at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:334) [rt.jar:1.7.0_13]
> at java.util.concurrent.FutureTask.run(FutureTask.java:166) [rt.jar:1.7.0_13]
> at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$201(ScheduledThreadPoolExecutor.java:178) [rt.jar:1.7.0_13]
> at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:292) [rt.jar:1.7.0_13]
> at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) [rt.jar:1.7.0_13]
> at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) [rt.jar:1.7.0_13]
> at java.lang.Thread.run(Thread.java:722) [rt.jar:1.7.0_13]
> Caused by: java.io.NotSerializableException: org.jboss.tm.usertx.client.ServerVMClientUserTransaction
> at org.jboss.marshalling.river.RiverMarshaller.doWriteObject(RiverMarshaller.java:891)
> at org.jboss.marshalling.river.RiverMarshaller.doWriteFields(RiverMarshaller.java:1063)
> at org.jboss.marshalling.river.RiverMarshaller.doWriteSerializableObject(RiverMarshaller.java:1019)
> at org.jboss.marshalling.river.RiverMarshaller.doWriteObject(RiverMarshaller.java:885)
> at org.jboss.marshalling.river.RiverMarshaller.doWriteFields(RiverMarshaller.java:1063)
> at org.jboss.marshalling.river.RiverMarshaller.doWriteSerializableObject(RiverMarshaller.java:1019)
> at org.jboss.marshalling.river.RiverMarshaller.doWriteObject(RiverMarshaller.java:885)
> at org.jboss.marshalling.river.RiverMarshaller.doWriteFields(RiverMarshaller.java:1063)
> at org.jboss.marshalling.river.RiverMarshaller.doWriteSerializableObject(RiverMarshaller.java:1019)
> at org.jboss.marshalling.river.RiverMarshaller.doWriteObject(RiverMarshaller.java:885)
> at org.jboss.marshalling.river.BlockMarshaller.doWriteObject(BlockMarshaller.java:69)
> at org.jboss.marshalling.river.BlockMarshaller.writeObject(BlockMarshaller.java:60)
> at org.jboss.marshalling.MarshallerObjectOutputStream.writeObjectOverride(MarshallerObjectOutputStream.java:54)
> at java.io.ObjectOutputStream.writeObject(ObjectOutputStream.java:342) [rt.jar:1.7.0_13]
> at org.jboss.as.ejb3.cache.impl.backing.SerializationGroupMemberImpl.writeObject(SerializationGroupMemberImpl.java:368) [jboss-as-ejb3-7.1.1.Final.jar:7.1.1.Final]
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.7.0_13]
> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) [rt.jar:1.7.0_13]
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) [rt.jar:1.7.0_13]
> at java.lang.reflect.Method.invoke(Method.java:601) [rt.jar:1.7.0_13]
> at org.jboss.marshalling.reflect.SerializableClass.callWriteObject(SerializableClass.java:175)
> at org.jboss.marshalling.river.RiverMarshaller.doWriteSerializableObject(RiverMarshaller.java:1007)
> at org.jboss.marshalling.river.RiverMarshaller.doWriteObject(RiverMarshaller.java:885)
> at org.jboss.marshalling.AbstractObjectOutput.writeObject(AbstractObjectOutput.java:62)
> at org.jboss.marshalling.AbstractMarshaller.writeObject(AbstractMarshaller.java:119)
> at org.jboss.as.ejb3.cache.spi.impl.FilePersistentObjectStore.store(FilePersistentObjectStore.java:239) [jboss-as-ejb3-7.1.1.Final.jar:7.1.1.Final]
> ... 15 more
> Caused by: an exception which occurred:
> in field userTransaction
> in field instance
> in field instance
> in object org.jboss.as.ejb3.cache.impl.backing.SerializationGroupMemberImpl@6a4de0c9
> {noformat}
> The EJB subsystem configuration is:
> {code:xml}
> <subsystem xmlns="urn:jboss:domain:ejb3:1.2">
> <session-bean>
> <stateless>
> <bean-instance-pool-ref pool-name="slsb-strict-max-pool"/>
> </stateless>
> <stateful default-access-timeout="10000" cache-ref="passivating"/>
> <singleton default-access-timeout="5000"/>
> </session-bean>
> <mdb>
> <resource-adapter-ref resource-adapter-name="hornetq-ra"/>
> <bean-instance-pool-ref pool-name="mdb-strict-max-pool"/>
> </mdb>
> <pools>
> <bean-instance-pools>
> <strict-max-pool name="slsb-strict-max-pool" max-pool-size="50" instance-acquisition-timeout="5" instance-acquisition-timeout-unit="MINUTES"/>
> <strict-max-pool name="mdb-strict-max-pool" max-pool-size="20" instance-acquisition-timeout="5" instance-acquisition-timeout-unit="MINUTES"/>
> </bean-instance-pools>
> </pools>
> <caches>
> <cache name="simple" aliases="NoPassivationCache"/>
> <cache name="passivating" passivation-store-ref="file" aliases="SimpleStatefulCache"/>
> </caches>
> <passivation-stores>
> <file-passivation-store name="file" idle-timeout="10" idle-timeout-unit="SECONDS"/>
> </passivation-stores>
> <async thread-pool-name="default"/>
> <timer-service thread-pool-name="default">
> <data-store path="timer-service-data" relative-to="jboss.server.data.dir"/>
> </timer-service>
> <remote connector-ref="remoting-connector" thread-pool-name="default"/>
> <thread-pools>
> <thread-pool name="default">
> <max-threads count="100"/>
> <keepalive-time time="100" unit="milliseconds"/>
> </thread-pool>
> </thread-pools>
> <iiop enable-by-default="false" use-qualified-name="false"/>
> </subsystem>
> {code}
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years, 8 months
[JBoss JIRA] (WFLY-7329) Setting elytron ssl-context on undertow without reload
by Martin Choma (JIRA)
[ https://issues.jboss.org/browse/WFLY-7329?page=com.atlassian.jira.plugin.... ]
Martin Choma updated WFLY-7329:
-------------------------------
Labels: user_experience (was: )
> Setting elytron ssl-context on undertow without reload
> ------------------------------------------------------
>
> Key: WFLY-7329
> URL: https://issues.jboss.org/browse/WFLY-7329
> Project: WildFly
> Issue Type: Bug
> Components: Security, Web (Undertow)
> Affects Versions: 11.0.0.Alpha1
> Reporter: Martin Choma
> Assignee: Tomaz Cerar
> Labels: user_experience
>
> Please, allow setting of elytron ssl-context on undertow without reload.
> {code}
> [standalone@localhost:9990 /] /subsystem=undertow/server=default-server/https-listener=https:write-attribute(name=ssl-context,value=server)
> {
> "outcome" => "success",
> "response-headers" => {
> "operation-requires-reload" => true,
> "process-state" => "reload-required"
> }
> }
> {code}
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years, 8 months
[JBoss JIRA] (WFLY-7342) Updating of elytron kerberos security factory requires reload
by Martin Choma (JIRA)
[ https://issues.jboss.org/browse/WFLY-7342?page=com.atlassian.jira.plugin.... ]
Martin Choma updated WFLY-7342:
-------------------------------
Labels: user_experience (was: )
> Updating of elytron kerberos security factory requires reload
> -------------------------------------------------------------
>
> Key: WFLY-7342
> URL: https://issues.jboss.org/browse/WFLY-7342
> Project: WildFly
> Issue Type: Bug
> Components: Security
> Affects Versions: 11.0.0.Alpha1
> Reporter: Martin Choma
> Assignee: Ilia Vassilev
> Labels: user_experience
>
> Is it necessary? I mean adding kerberos-security-factory does not require reload.
> It relates to all of attributes debug, minimum-remaining-lifetime principal, request-lifetime,
> mechanism-oids, path, relative-to, server. For example
> {code}
> [standalone@localhost:9990 /] /subsystem=elytron/kerberos-security-factory=krbSF:write-attribute(name=debug, value=true)
> {
> "outcome" => "success",
> "response-headers" => {
> "operation-requires-reload" => true,
> "process-state" => "reload-required"
> }
> }
> {code}
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years, 8 months
[JBoss JIRA] (WFLY-7355) Elytron subsystem requires user to input OIDs
by Martin Choma (JIRA)
[ https://issues.jboss.org/browse/WFLY-7355?page=com.atlassian.jira.plugin.... ]
Martin Choma updated WFLY-7355:
-------------------------------
Labels: user_experience (was: )
> Elytron subsystem requires user to input OIDs
> ---------------------------------------------
>
> Key: WFLY-7355
> URL: https://issues.jboss.org/browse/WFLY-7355
> Project: WildFly
> Issue Type: Bug
> Components: Security
> Affects Versions: 11.0.0.Alpha1
> Reporter: Martin Choma
> Labels: user_experience
>
> On couple of places in elytron subsystem raw oids are expected from user input, e.g. {{2.5.4.4}} . Is there chance some aliasing could be introduced? So for example human readable {{surname}} can be used?
> * kerberos-security-factory
> ** mechanism-oids
> * x500-principal-decoder
> ** oid
> ** required-oids
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years, 8 months