November 2016 - jboss-jira - Jboss List Archives

[JBoss JIRA] (WFLY-7491) joiner attribute of concatenating-principal-decoder (Elytron subsystem) is marked as nillable but can not be

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/WFLY-7491?page=com.atlassian.jira.plugin.... ] Darran Lofthouse updated WFLY-7491: ----------------------------------- Affects Version/s: (was: 11.0.0.Alpha1) > joiner attribute of concatenating-principal-decoder (Elytron subsystem) is marked as nillable but can not be > ------------------------------------------------------------------------------------------------------------ > > Key: WFLY-7491 > URL: https://issues.jboss.org/browse/WFLY-7491 > Project: WildFly > Issue Type: Bug > Components: Security > Reporter: Ondrej Kotek > Assignee: Jan Kalina > Labels: user_experience > Fix For: 11.0.0.Alpha1 > > > *Issue description:* > After having undefined the {{joiner}} attribute of {{concatenating-principal-decoder}} in Elytron subsystem, the server does not start. The {{joiner}} attribute is declared as {{"nillable" => true}} in CLI, but can not be -- see _Steps to Reproce_ that results in > {noformat} > 14:50:29,357 ERROR [org.jboss.as.controller] (Controller Boot Thread) > OPVDX001: Validation error in standalone-elytron.xml =========================== > 346: <permission class-name="org.wildfly.security.auth.permission.LoginPermission"/> > 347: </constant-permission-mapper> > 348: <concatenating-principal-decoder name="concatPrincDecoder"> > ^^^^ 'concatenating-principal-decoder' is missing one or more required attributes > All of the following are required: joiner > 349: <principal-decoder name="constPrincDecoder"/> > 350: <principal-decoder name="constPrincDecoder"/> > 351: </concatenating-principal-decoder> > The underlying error message was: > > ParseError at [row,col]:[348,17] > > Message: WFLYCTL0133: Missing required attribute(s): joiner > ================================================================================ > 14:50:29,357 ERROR [org.jboss.as.server] (Controller Boot Thread) WFLYSRV0055: Caught exception during boot: org.jboss.as.controller.persistence.ConfigurationPersistenceException: WFLYCTL0085: Failed to parse configuration > at org.jboss.as.controller.persistence.XmlConfigurationPersister.load(XmlConfigurationPersister.java:143) > at org.jboss.as.server.ServerService.boot(ServerService.java:355) > at org.jboss.as.controller.AbstractControllerService$1.run(AbstractControllerService.java:302) > at java.lang.Thread.run(Thread.java:745) > 14:50:29,358 FATAL [org.jboss.as.server] (Controller Boot Thread) WFLYSRV0056: Server boot has failed in an unrecoverable manner; exiting. See previous messages for details. > {noformat} > The {{joiner}} attribute has {{use="required"}} in _wildfly-elytron_1_0.xsd_. > *Suggestions for improvement:* > In case it makes sense to have no joiner, the joiner should not be required. (There could be reasonable cases.) Otherwise, the CLI {{joiner}} attribute should be declared as {{"nillable" => false}}. > The XSD {{joiner}} attribute should have defined {{default="."}}. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 5 months

1
0
0 / 0

[JBoss JIRA] (WFLY-7491) joiner attribute of concatenating-principal-decoder (Elytron subsystem) is marked as nillable but can not be

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/WFLY-7491?page=com.atlassian.jira.plugin.... ] Darran Lofthouse updated WFLY-7491: ----------------------------------- Fix Version/s: 11.0.0.Alpha1 > joiner attribute of concatenating-principal-decoder (Elytron subsystem) is marked as nillable but can not be > ------------------------------------------------------------------------------------------------------------ > > Key: WFLY-7491 > URL: https://issues.jboss.org/browse/WFLY-7491 > Project: WildFly > Issue Type: Bug > Components: Security > Reporter: Ondrej Kotek > Assignee: Jan Kalina > Labels: user_experience > Fix For: 11.0.0.Alpha1 > > > *Issue description:* > After having undefined the {{joiner}} attribute of {{concatenating-principal-decoder}} in Elytron subsystem, the server does not start. The {{joiner}} attribute is declared as {{"nillable" => true}} in CLI, but can not be -- see _Steps to Reproce_ that results in > {noformat} > 14:50:29,357 ERROR [org.jboss.as.controller] (Controller Boot Thread) > OPVDX001: Validation error in standalone-elytron.xml =========================== > 346: <permission class-name="org.wildfly.security.auth.permission.LoginPermission"/> > 347: </constant-permission-mapper> > 348: <concatenating-principal-decoder name="concatPrincDecoder"> > ^^^^ 'concatenating-principal-decoder' is missing one or more required attributes > All of the following are required: joiner > 349: <principal-decoder name="constPrincDecoder"/> > 350: <principal-decoder name="constPrincDecoder"/> > 351: </concatenating-principal-decoder> > The underlying error message was: > > ParseError at [row,col]:[348,17] > > Message: WFLYCTL0133: Missing required attribute(s): joiner > ================================================================================ > 14:50:29,357 ERROR [org.jboss.as.server] (Controller Boot Thread) WFLYSRV0055: Caught exception during boot: org.jboss.as.controller.persistence.ConfigurationPersistenceException: WFLYCTL0085: Failed to parse configuration > at org.jboss.as.controller.persistence.XmlConfigurationPersister.load(XmlConfigurationPersister.java:143) > at org.jboss.as.server.ServerService.boot(ServerService.java:355) > at org.jboss.as.controller.AbstractControllerService$1.run(AbstractControllerService.java:302) > at java.lang.Thread.run(Thread.java:745) > 14:50:29,358 FATAL [org.jboss.as.server] (Controller Boot Thread) WFLYSRV0056: Server boot has failed in an unrecoverable manner; exiting. See previous messages for details. > {noformat} > The {{joiner}} attribute has {{use="required"}} in _wildfly-elytron_1_0.xsd_. > *Suggestions for improvement:* > In case it makes sense to have no joiner, the joiner should not be required. (There could be reasonable cases.) Otherwise, the CLI {{joiner}} attribute should be declared as {{"nillable" => false}}. > The XSD {{joiner}} attribute should have defined {{default="."}}. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 5 months

1
0
0 / 0

[JBoss JIRA] (WFLY-7476) Complicated failure-descriptions in Elytron properties-realm

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/WFLY-7476?page=com.atlassian.jira.plugin.... ] Darran Lofthouse updated WFLY-7476: ----------------------------------- Affects Version/s: (was: 11.0.0.Alpha1) > Complicated failure-descriptions in Elytron properties-realm > ------------------------------------------------------------ > > Key: WFLY-7476 > URL: https://issues.jboss.org/browse/WFLY-7476 > Project: WildFly > Issue Type: Bug > Components: Security > Reporter: Ondrej Lukas > Assignee: Jan Kalina > Labels: user_experience > Fix For: 11.0.0.Alpha1 > > > There are complicated failure-descriptions in Elytron properties-realm. They include some details from exceptions which are not needed and can be confused for non-java administrators. Please handle these exceptions and provide some user friendly failure-description. > Examples of complicated failure-description in properties-realm: > * Adding path which does not exist: > {code} > /subsystem=elytron/properties-realm=realm:add(users-properties={path=/wrong/path/a.properties}) > { > "outcome" => "failed", > "failure-description" => { > "WFLYCTL0080: Failed services" => {"org.wildfly.security.security-realm.realm" => "org.jboss.msc.service.StartException in service org.wildfly.security.security-realm.realm: WFLYELY00014: Unable to load the properties files required to start the properties file backed realm. > Caused by: java.io.FileNotFoundException: /wrong/path/a.properties (No such file or directory)"}, > "WFLYCTL0412: Required services that are not installed:" => ["org.wildfly.security.security-realm.realm"], > "WFLYCTL0180: Services with missing/unavailable dependencies" => undefined > }, > "rolled-back" => true > } > {code} > * Adding file with missing $REALM: > {code} > /subsystem=elytron/properties-realm=realm:add(users-properties={path=/some/path/roles.properties}) > { > "outcome" => "failed", > "failure-description" => { > "WFLYCTL0080: Failed services" => {"org.wildfly.security.security-realm.realm" => "org.jboss.msc.service.StartException in service org.wildfly.security.security-realm.realm: WFLYELY00014: Unable to load the properties files required to start the properties file backed realm. > Caused by: java.io.IOException: ELY01006: No realm name found in properties file"}, > "WFLYCTL0412: Required services that are not installed:" => ["org.wildfly.security.security-realm.realm"], > "WFLYCTL0180: Services with missing/unavailable dependencies" => undefined > }, > "rolled-back" => true > } > {code} > * path mentiond in relative-to does not exist: > {code} > /subsystem=elytron/properties-realm=realm:add(users-properties={path=users.properties,relative-to=non.exist}) > { > "outcome" => "failed", > "failure-description" => { > "WFLYCTL0412: Required services that are not installed:" => ["jboss.server.path.\"non.exist\""], > "WFLYCTL0180: Services with missing/unavailable dependencies" => ["org.wildfly.security.security-realm.realm is missing [jboss.server.path.\"non.exist\"]"] > }, > "rolled-back" => true > } > {code} > Suggestion for improvement: > * use only description of failure, e.g. something like "file /wrong/path/a.properties was not found" > * do not use any unneeded information - e.g. "WFLYCTL0180: Services with missing/unavailable dependencies" => undefined -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 5 months

1
0
0 / 0

[JBoss JIRA] (WFLY-7476) Complicated failure-descriptions in Elytron properties-realm

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/WFLY-7476?page=com.atlassian.jira.plugin.... ] Darran Lofthouse updated WFLY-7476: ----------------------------------- Fix Version/s: 11.0.0.Alpha1 > Complicated failure-descriptions in Elytron properties-realm > ------------------------------------------------------------ > > Key: WFLY-7476 > URL: https://issues.jboss.org/browse/WFLY-7476 > Project: WildFly > Issue Type: Bug > Components: Security > Reporter: Ondrej Lukas > Assignee: Jan Kalina > Labels: user_experience > Fix For: 11.0.0.Alpha1 > > > There are complicated failure-descriptions in Elytron properties-realm. They include some details from exceptions which are not needed and can be confused for non-java administrators. Please handle these exceptions and provide some user friendly failure-description. > Examples of complicated failure-description in properties-realm: > * Adding path which does not exist: > {code} > /subsystem=elytron/properties-realm=realm:add(users-properties={path=/wrong/path/a.properties}) > { > "outcome" => "failed", > "failure-description" => { > "WFLYCTL0080: Failed services" => {"org.wildfly.security.security-realm.realm" => "org.jboss.msc.service.StartException in service org.wildfly.security.security-realm.realm: WFLYELY00014: Unable to load the properties files required to start the properties file backed realm. > Caused by: java.io.FileNotFoundException: /wrong/path/a.properties (No such file or directory)"}, > "WFLYCTL0412: Required services that are not installed:" => ["org.wildfly.security.security-realm.realm"], > "WFLYCTL0180: Services with missing/unavailable dependencies" => undefined > }, > "rolled-back" => true > } > {code} > * Adding file with missing $REALM: > {code} > /subsystem=elytron/properties-realm=realm:add(users-properties={path=/some/path/roles.properties}) > { > "outcome" => "failed", > "failure-description" => { > "WFLYCTL0080: Failed services" => {"org.wildfly.security.security-realm.realm" => "org.jboss.msc.service.StartException in service org.wildfly.security.security-realm.realm: WFLYELY00014: Unable to load the properties files required to start the properties file backed realm. > Caused by: java.io.IOException: ELY01006: No realm name found in properties file"}, > "WFLYCTL0412: Required services that are not installed:" => ["org.wildfly.security.security-realm.realm"], > "WFLYCTL0180: Services with missing/unavailable dependencies" => undefined > }, > "rolled-back" => true > } > {code} > * path mentiond in relative-to does not exist: > {code} > /subsystem=elytron/properties-realm=realm:add(users-properties={path=users.properties,relative-to=non.exist}) > { > "outcome" => "failed", > "failure-description" => { > "WFLYCTL0412: Required services that are not installed:" => ["jboss.server.path.\"non.exist\""], > "WFLYCTL0180: Services with missing/unavailable dependencies" => ["org.wildfly.security.security-realm.realm is missing [jboss.server.path.\"non.exist\"]"] > }, > "rolled-back" => true > } > {code} > Suggestion for improvement: > * use only description of failure, e.g. something like "file /wrong/path/a.properties was not found" > * do not use any unneeded information - e.g. "WFLYCTL0180: Services with missing/unavailable dependencies" => undefined -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 5 months

1
0
0 / 0

[JBoss JIRA] (WFLY-7473) Missing configurable options in elytron dir-context

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/WFLY-7473?page=com.atlassian.jira.plugin.... ] Darran Lofthouse updated WFLY-7473: ----------------------------------- Affects Version/s: (was: 11.0.0.Alpha1) > Missing configurable options in elytron dir-context > --------------------------------------------------- > > Key: WFLY-7473 > URL: https://issues.jboss.org/browse/WFLY-7473 > Project: WildFly > Issue Type: Bug > Components: Security > Reporter: Martin Choma > Assignee: Jan Kalina > Priority: Critical > Fix For: 11.0.0.Alpha1 > > > Elytron subsystem does not expose possibility to configure {{InitialLdapContext}} options: > * com.sun.jndi.ldap.read.timeout > * com.sun.jndi.ldap.connect.timeout > Consider exposing general options like in case of legacy ldap outbound connection. Users relying on them could have problem to migrate to elytron. > AFAICT it is already prepared in elytron, just elytron-subsystem part is missing. > {code:title=SimpleDirContextFactoryBuilder.java} > // set any additional connection property > if (connectionProperties != null) { > for (Object key : connectionProperties.keySet()) { > Object value = connectionProperties.get(key.toString()); > if (value != null) { > env.put(key.toString(), value.toString()); > } > } > } > {code} -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 5 months

1
0
0 / 0

[JBoss JIRA] (WFLY-7473) Missing configurable options in elytron dir-context

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/WFLY-7473?page=com.atlassian.jira.plugin.... ] Darran Lofthouse updated WFLY-7473: ----------------------------------- Fix Version/s: 11.0.0.Alpha1 > Missing configurable options in elytron dir-context > --------------------------------------------------- > > Key: WFLY-7473 > URL: https://issues.jboss.org/browse/WFLY-7473 > Project: WildFly > Issue Type: Bug > Components: Security > Reporter: Martin Choma > Assignee: Jan Kalina > Priority: Critical > Fix For: 11.0.0.Alpha1 > > > Elytron subsystem does not expose possibility to configure {{InitialLdapContext}} options: > * com.sun.jndi.ldap.read.timeout > * com.sun.jndi.ldap.connect.timeout > Consider exposing general options like in case of legacy ldap outbound connection. Users relying on them could have problem to migrate to elytron. > AFAICT it is already prepared in elytron, just elytron-subsystem part is missing. > {code:title=SimpleDirContextFactoryBuilder.java} > // set any additional connection property > if (connectionProperties != null) { > for (Object key : connectionProperties.keySet()) { > Object value = connectionProperties.get(key.toString()); > if (value != null) { > env.put(key.toString(), value.toString()); > } > } > } > {code} -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 5 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-2048) attributes of BYTES unit should not allow negative values

by Chao Wang (JIRA)

[ https://issues.jboss.org/browse/WFCORE-2048?page=com.atlassian.jira.plugi... ] Chao Wang commented on WFCORE-2048: ----------------------------------- Hi [~ctomc] I think the reported attributes in undertow should not be validated by the BytesValidator which validates parameter is a byte[] of an acceptable length. The attributes have type Int as defined in UndertowOptions.java for example: {code:java} public static final Option<Integer> HTTP2_SETTINGS_HEADER_TABLE_SIZE = Option.simple(UndertowOptions.class, "HTTP2_SETTINGS_HEADER_TABLE_SIZE", Integer.class); {code} an IntRangeValidator with a min value to 1 for needed attributes in resource definition can avoid the negative input. > attributes of BYTES unit should not allow negative values > --------------------------------------------------------- > > Key: WFCORE-2048 > URL: https://issues.jboss.org/browse/WFCORE-2048 > Project: WildFly Core > Issue Type: Enhancement > Components: Domain Management > Reporter: Chao Wang > Assignee: Chao Wang > Priority: Minor > > For {{http-listener}}, {{https-listener}} and {{mod-cluster}} filter in Undertow subsystem, there are some http2 related attributes: > {code} > "http2-header-table-size" => { > "type" => INT, > "description" => "The size of the header table used for HPACK compression, in bytes. This amount of memory will be allocated per connection for compression. Larger values use more memory but may give better compression.", > "expressions-allowed" => true, > "nillable" => true, > "unit" => "BYTES", > "access-type" => "read-write", > "storage" => "configuration", > "restart-required" => "all-services" > }, > "http2-initial-window-size" => { > "type" => INT, > "description" => "The flow control window size that controls how quickly the client can send data to the server", > "expressions-allowed" => true, > "nillable" => true, > "unit" => "BYTES", > "access-type" => "read-write", > "storage" => "configuration", > "restart-required" => "all-services" > }, > "http2-max-concurrent-streams" => { > "type" => INT, > "description" => "The maximum number of HTTP/2 streams that can be active at any time on a single connection", > "expressions-allowed" => true, > "nillable" => true, > "access-type" => "read-write", > "storage" => "configuration", > "restart-required" => "all-services" > }, > "http2-max-frame-size" => { > "type" => INT, > "description" => "The max HTTP/2 frame size", > "expressions-allowed" => true, > "nillable" => true, > "unit" => "BYTES", > "access-type" => "read-write", > "storage" => "configuration", > "restart-required" => "all-services" > }, > "http2-max-header-list-size" => { > "type" => INT, > "description" => "The maximum size of request headers the server is prepared to accept", > "expressions-allowed" => true, > "nillable" => true, > "unit" => "BYTES", > "access-type" => "read-write", > "storage" => "configuration", > "restart-required" => "all-services" > }, > {code} > As unit of these attributes is used {{BYTES}} we should not allow user to input negative numbers there. Currently I can simply put negative number and server does not protest anyhow (I guess that server simply interpret given negative number as actual unsigned number of integer internally?). We should inform user that we expect only positive numbers for these attributes. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 5 months

1
0
0 / 0

[JBoss JIRA] (WFLY-7505) Support verification of a users certificate against an LDAP Server

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/WFLY-7505?page=com.atlassian.jira.plugin.... ] Darran Lofthouse updated WFLY-7505: ----------------------------------- Fix Version/s: 11.0.0.Alpha1 > Support verification of a users certificate against an LDAP Server > ------------------------------------------------------------------ > > Key: WFLY-7505 > URL: https://issues.jboss.org/browse/WFLY-7505 > Project: WildFly > Issue Type: Feature Request > Components: Security > Reporter: Jan Kalina > Assignee: Jan Kalina > Fix For: 11.0.0.Alpha1 > > > LDAP realm should be able to authenticate user using user certificate. > This is specifically for authentication - NOT for general TrustManager requirements - another Jira issue is tracking looking into a KeyStore implementation backed by LDAP. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 5 months

1
0
0 / 0

[JBoss JIRA] (WFLY-7504) failure-description from adding empty Elytron jdbc-realm should contain required attributes

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/WFLY-7504?page=com.atlassian.jira.plugin.... ] Darran Lofthouse updated WFLY-7504: ----------------------------------- Affects Version/s: (was: 11.0.0.Alpha1) > failure-description from adding empty Elytron jdbc-realm should contain required attributes > ------------------------------------------------------------------------------------------- > > Key: WFLY-7504 > URL: https://issues.jboss.org/browse/WFLY-7504 > Project: WildFly > Issue Type: Bug > Components: Security > Reporter: Ondrej Kotek > Assignee: Jan Kalina > Labels: user_experience > Fix For: 11.0.0.Alpha1 > > > Adding empty {{jdbc-realm}} to {{elytron}} subsystem results in > {noformat} > [standalone@localhost:9990 /] /subsystem=elytron/jdbc-realm=jdbc-realm1:add > { > "outcome" => "failed", > "failure-description" => "WFLYCTL0158: Operation handler failed: java.lang.IllegalArgumentException", > "rolled-back" => true > } > {noformat} > and error in server log > {noformat} > 15:51:39,521 ERROR [org.jboss.as.controller.management-operation] (management-handler-thread - 4) WFLYCTL0013: Operation ("add") failed - address: ([ > ("subsystem" => "elytron"), > ("jdbc-realm" => "jdbc-realm1") > ]): java.lang.IllegalArgumentException > at org.jboss.dmr.ModelValue.asList(ModelValue.java:143) > at org.jboss.dmr.ModelNode.asList(ModelNode.java:1389) > at org.wildfly.extension.elytron.JdbcRealmDefinition$RealmAddHandler.performRuntime(JdbcRealmDefinition.java:530) > at org.jboss.as.controller.AbstractAddStepHandler.performRuntime(AbstractAddStepHandler.java:337) > at org.jboss.as.controller.AbstractAddStepHandler$1.execute(AbstractAddStepHandler.java:151) > at org.jboss.as.controller.AbstractOperationContext.executeStep(AbstractOperationContext.java:940) > at org.jboss.as.controller.AbstractOperationContext.processStages(AbstractOperationContext.java:683) > at org.jboss.as.controller.AbstractOperationContext.executeOperation(AbstractOperationContext.java:382) > at org.jboss.as.controller.OperationContextImpl.executeOperation(OperationContextImpl.java:1363) > at org.jboss.as.controller.ModelControllerImpl.internalExecute(ModelControllerImpl.java:410) > at org.jboss.as.controller.ModelControllerImpl.execute(ModelControllerImpl.java:232) > at org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler.doExecute(ModelControllerClientOperationHandler.java:213) > at org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler.access$300(ModelControllerClientOperationHandler.java:136) > at org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler$1$1.run(ModelControllerClientOperationHandler.java:157) > at org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler$1$1.run(ModelControllerClientOperationHandler.java:153) > at java.security.AccessController.doPrivileged(Native Method) > at javax.security.auth.Subject.doAs(Subject.java:422) > at org.jboss.as.controller.AccessAuditContext.doAs(AccessAuditContext.java:149) > at org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler$1.execute(ModelControllerClientOperationHandler.java:153) > at org.jboss.as.protocol.mgmt.ManagementRequestContextImpl$1.doExecute(ManagementRequestContextImpl.java:70) > at org.jboss.as.protocol.mgmt.ManagementRequestContextImpl$AsyncTaskRunner.run(ManagementRequestContextImpl.java:160) > at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) > at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) > at java.lang.Thread.run(Thread.java:745) > at org.jboss.threads.JBossThread.run(JBossThread.java:320) > {noformat} > The operation should fail with {{failure-description}} like "_principal-query sql may not be null_". -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 5 months

1
0
0 / 0

[JBoss JIRA] (WFLY-7504) failure-description from adding empty Elytron jdbc-realm should contain required attributes

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/WFLY-7504?page=com.atlassian.jira.plugin.... ] Darran Lofthouse updated WFLY-7504: ----------------------------------- Fix Version/s: 11.0.0.Alpha1 > failure-description from adding empty Elytron jdbc-realm should contain required attributes > ------------------------------------------------------------------------------------------- > > Key: WFLY-7504 > URL: https://issues.jboss.org/browse/WFLY-7504 > Project: WildFly > Issue Type: Bug > Components: Security > Reporter: Ondrej Kotek > Assignee: Jan Kalina > Labels: user_experience > Fix For: 11.0.0.Alpha1 > > > Adding empty {{jdbc-realm}} to {{elytron}} subsystem results in > {noformat} > [standalone@localhost:9990 /] /subsystem=elytron/jdbc-realm=jdbc-realm1:add > { > "outcome" => "failed", > "failure-description" => "WFLYCTL0158: Operation handler failed: java.lang.IllegalArgumentException", > "rolled-back" => true > } > {noformat} > and error in server log > {noformat} > 15:51:39,521 ERROR [org.jboss.as.controller.management-operation] (management-handler-thread - 4) WFLYCTL0013: Operation ("add") failed - address: ([ > ("subsystem" => "elytron"), > ("jdbc-realm" => "jdbc-realm1") > ]): java.lang.IllegalArgumentException > at org.jboss.dmr.ModelValue.asList(ModelValue.java:143) > at org.jboss.dmr.ModelNode.asList(ModelNode.java:1389) > at org.wildfly.extension.elytron.JdbcRealmDefinition$RealmAddHandler.performRuntime(JdbcRealmDefinition.java:530) > at org.jboss.as.controller.AbstractAddStepHandler.performRuntime(AbstractAddStepHandler.java:337) > at org.jboss.as.controller.AbstractAddStepHandler$1.execute(AbstractAddStepHandler.java:151) > at org.jboss.as.controller.AbstractOperationContext.executeStep(AbstractOperationContext.java:940) > at org.jboss.as.controller.AbstractOperationContext.processStages(AbstractOperationContext.java:683) > at org.jboss.as.controller.AbstractOperationContext.executeOperation(AbstractOperationContext.java:382) > at org.jboss.as.controller.OperationContextImpl.executeOperation(OperationContextImpl.java:1363) > at org.jboss.as.controller.ModelControllerImpl.internalExecute(ModelControllerImpl.java:410) > at org.jboss.as.controller.ModelControllerImpl.execute(ModelControllerImpl.java:232) > at org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler.doExecute(ModelControllerClientOperationHandler.java:213) > at org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler.access$300(ModelControllerClientOperationHandler.java:136) > at org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler$1$1.run(ModelControllerClientOperationHandler.java:157) > at org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler$1$1.run(ModelControllerClientOperationHandler.java:153) > at java.security.AccessController.doPrivileged(Native Method) > at javax.security.auth.Subject.doAs(Subject.java:422) > at org.jboss.as.controller.AccessAuditContext.doAs(AccessAuditContext.java:149) > at org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler$1.execute(ModelControllerClientOperationHandler.java:153) > at org.jboss.as.protocol.mgmt.ManagementRequestContextImpl$1.doExecute(ManagementRequestContextImpl.java:70) > at org.jboss.as.protocol.mgmt.ManagementRequestContextImpl$AsyncTaskRunner.run(ManagementRequestContextImpl.java:160) > at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) > at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) > at java.lang.Thread.run(Thread.java:745) > at org.jboss.threads.JBossThread.run(JBossThread.java:320) > {noformat} > The operation should fail with {{failure-description}} like "_principal-query sql may not be null_". -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 5 months

1
0
0 / 0

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira November 2016