November 2016 - jboss-jira - Jboss List Archives

[JBoss JIRA] (WFCORE-644) jboss-cli needs to support using PKCS11 (including FIPS mode) keystores/truststores

by RH Bugzilla Integration (JIRA)

[ https://issues.jboss.org/browse/WFCORE-644?page=com.atlassian.jira.plugin... ] RH Bugzilla Integration commented on WFCORE-644: ------------------------------------------------ Peter Palaga <ppalaga(a)redhat.com> changed the Status of [bug 1212634|https://bugzilla.redhat.com/show_bug.cgi?id=1212634] from NEW to CLOSED > jboss-cli needs to support using PKCS11 (including FIPS mode) keystores/truststores > ----------------------------------------------------------------------------------- > > Key: WFCORE-644 > URL: https://issues.jboss.org/browse/WFCORE-644 > Project: WildFly Core > Issue Type: Bug > Components: CLI > Reporter: Derek Horton > Assignee: Darran Lofthouse > > The cli's SSL configuration should be expanded to support using PKCS11 keystores/truststores. Currently it does not appear to be possible to configure the keystore/truststore type in the jboss-cli.xml file. > This is problematic when the JVM is running in FIPS mode. > The cli throws the following exception on startup: > $ ./bin/jboss-cli.sh > org.jboss.as.cli.CliInitializationException: java.security.KeyManagementException: FIPS mode: only SunJSSE TrustManagers may be used > at org.jboss.as.cli.impl.CommandContextImpl.initSSLContext(CommandContextImpl.java:541) > at org.jboss.as.cli.impl.CommandContextImpl.<init>(CommandContextImpl.java:291) > at org.jboss.as.cli.impl.CommandContextFactoryImpl.newCommandContext(CommandContextFactoryImpl.java:76) > at org.jboss.as.cli.impl.CliLauncher.initCommandContext(CliLauncher.java:294) > at org.jboss.as.cli.impl.CliLauncher.main(CliLauncher.java:277) > at org.jboss.as.cli.CommandLineMain.main(CommandLineMain.java:34) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) > at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > at java.lang.reflect.Method.invoke(Method.java:606) > at org.jboss.modules.Module.run(Module.java:312) > at org.jboss.modules.Main.main(Main.java:460) > Caused by: java.security.KeyManagementException: FIPS mode: only SunJSSE TrustManagers may be used > at sun.security.ssl.SSLContextImpl.chooseTrustManager(SSLContextImpl.java:126) > at sun.security.ssl.SSLContextImpl.engineInit(SSLContextImpl.java:89) > at javax.net.ssl.SSLContext.init(SSLContext.java:283) > at org.jboss.as.cli.impl.CommandContextImpl.initSSLContext(CommandContextImpl.java:537) > ... 11 more > It is possible to workaround the issue by setting the javax.net.ssl.keyStore / javax.net.ssl.trustStore system properties in the bin/jboss-cli.sh file: > JAVA_OPTS="$JAVA_OPTS -Djavax.net.ssl.trustStore=NONE -Djavax.net.ssl.trustStoreType=PKCS11" > JAVA_OPTS="$JAVA_OPTS -Djavax.net.ssl.keyStore=NONE -Djavax.net.ssl.keyStoreType=PKCS11 -Djavax.net.ssl.keyStorePassword=imapassword" -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 5 months

1
0
0 / 0

[JBoss JIRA] (WFLY-7538) WebSocketTestCase fails with security manager - Reenable the test

by Ivo Studensky (JIRA)

[ https://issues.jboss.org/browse/WFLY-7538?page=com.atlassian.jira.plugin.... ] Ivo Studensky commented on WFLY-7538: ------------------------------------- The {{HttpUpgrade.performUpgrade}} goes down to https://github.com/xnio/xnio/blob/3.4/api/src/main/java/org/xnio/XnioIoTh... which passes {{Xnio.ANY_INET_ADDRESS}} as a {{bindAddress}} to {{WorkerThread}} which then tries to bind on it at https://github.com/xnio/xnio/blob/3.4/nio-impl/src/main/java/org/xnio/nio.... The only change in this code (at least the only one I am aware of) seems to be the following commit: https://github.com/xnio/xnio/commit/893ffbf > WebSocketTestCase fails with security manager - Reenable the test > ----------------------------------------------------------------- > > Key: WFLY-7538 > URL: https://issues.jboss.org/browse/WFLY-7538 > Project: WildFly > Issue Type: Bug > Components: Security > Reporter: Kabir Khan > Assignee: Darran Lofthouse > Priority: Blocker > > Reenable WebSocketsTestCase. See WFLY-7539 for more details -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 5 months

1
0
0 / 0

[JBoss JIRA] (WFLY-6193) Test fails due to ReflectPermission

by Ivo Studensky (JIRA)

[ https://issues.jboss.org/browse/WFLY-6193?page=com.atlassian.jira.plugin.... ] Ivo Studensky reassigned WFLY-6193: ----------------------------------- Assignee: Ivo Studensky (was: Jan Tymel) > Test fails due to ReflectPermission > ----------------------------------- > > Key: WFLY-6193 > URL: https://issues.jboss.org/browse/WFLY-6193 > Project: WildFly > Issue Type: Bug > Components: Test Suite > Reporter: Hynek Švábek > Assignee: Ivo Studensky > > *org.jboss.as.test.integration.jaxrs.provider.preference.CustomProviderPreferenceTest#testCustomMessageBodyWriterIsUsed* > {{./integration-tests.sh -fae -Dmaven.test.failure.ignore=true -DfailIfNoTests=false -Dsecurity.manager -Dts.basic -Dts.noSmoke -Dtest=org.jboss.as.test.integration.jaxrs.provider.preference.CustomProviderPreferenceTest#testCustomMessageBodyWriterIsUsed}} > Fails with: > {code} > ERROR [io.undertow.request] (default task-100) UT005023: Exception handling request to /providers/api/user: org.jboss.resteasy.spi.UnhandledException: java.security.AccessControlException: WFSM000001: Permission check failed (permission "("java.lang.reflect.ReflectPermission" "suppressAccessChecks")" in code source "(vfs:/content/providers.war/WEB-INF/classes <no signer certificates>)" of "null") > at org.jboss.resteasy.core.ExceptionHandler.handleApplicationException(ExceptionHandler.java:76) > at org.jboss.resteasy.core.ExceptionHandler.handleException(ExceptionHandler.java:212) > at org.jboss.resteasy.core.SynchronousDispatcher.writeException(SynchronousDispatcher.java:168) > at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:411) > at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:202) > at org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.service(ServletContainerDispatcher.java:221) > at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:56) > at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:51) > at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) > at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85) > at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62) > at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36) > at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131) > at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46) > at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64) > at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60) > at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77) > at io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50) > at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:284) > at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:263) > at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81) > at io.undertow.servlet.handlers.ServletInitialHandler$1$1.run(ServletInitialHandler.java:180) > at java.security.AccessController.doPrivileged(Native Method) > at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:177) > at io.undertow.server.Connectors.executeRootHandler(Connectors.java:202) > at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:793) > at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) > at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) > at java.lang.Thread.run(Thread.java:745) > Caused by: java.security.AccessControlException: WFSM000001: Permission check failed (permission "("java.lang.reflect.ReflectPermission" "suppressAccessChecks")" in code source "(vfs:/content/providers.war/WEB-INF/classes <no signer certificates>)" of "null") > at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:273) > at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:175) > at java.lang.reflect.AccessibleObject.setAccessible(AccessibleObject.java:128) > at org.jboss.resteasy.core.PropertyInjectorImpl.populateMap(PropertyInjectorImpl.java:69) > at org.jboss.resteasy.core.PropertyInjectorImpl.<init>(PropertyInjectorImpl.java:54) > at org.jboss.resteasy.cdi.JaxrsInjectionTarget.getPropertyInjector(JaxrsInjectionTarget.java:102) > at org.jboss.resteasy.cdi.JaxrsInjectionTarget.inject(JaxrsInjectionTarget.java:50) > at org.jboss.weld.bean.ManagedBean.create(ManagedBean.java:159) > at org.jboss.weld.context.AbstractContext.get(AbstractContext.java:96) > at org.jboss.weld.bean.ContextualInstanceStrategy$DefaultContextualInstanceStrategy.get(ContextualInstanceStrategy.java:101) > at org.jboss.weld.bean.ContextualInstanceStrategy$CachingContextualInstanceStrategy.get(ContextualInstanceStrategy.java:178) > at org.jboss.weld.bean.ContextualInstance.get(ContextualInstance.java:50) > at org.jboss.weld.bean.proxy.ContextBeanInstance.getInstance(ContextBeanInstance.java:99) > at org.jboss.weld.bean.proxy.ProxyMethodHandler.getInstance(ProxyMethodHandler.java:125) > at org.jboss.as.test.integration.jaxrs.provider.preference.Resource$Proxy$_$$_WeldClientProxy.getUser(Unknown Source) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) > at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > at java.lang.reflect.Method.invoke(Method.java:497) > at org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:139) > at org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTarget(ResourceMethodInvoker.java:295) > at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:249) > at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:236) > at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:395) > ... 34 more > {code} -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 5 months

1
0
0 / 0

[JBoss JIRA] (DROOLS-1366) Cannot access remote KIE maven repo - Unauthorized access 401

by Mario Fusco (JIRA)

[ https://issues.jboss.org/browse/DROOLS-1366?page=com.atlassian.jira.plugi... ] Mario Fusco resolved DROOLS-1366. --------------------------------- Resolution: Rejected The KieScanner doesn't know (and doesn't have a chance to know) how you created the Resource passed to the KieContainer. You need to put those authorization credentials in a maven settings.xml file and let the KieScanner use them by passing to it the name of the file (if it is not the standard one in your user folder) as explained here https://bugzilla.redhat.com/show_bug.cgi?id=1059584 > Cannot access remote KIE maven repo - Unauthorized access 401 > ------------------------------------------------------------- > > Key: DROOLS-1366 > URL: https://issues.jboss.org/browse/DROOLS-1366 > Project: Drools > Issue Type: Bug > Components: kie server > Reporter: Sambhaji Biradar > Assignee: Mario Fusco > > Using the latest 6.5 version, we are getting unauthorized access error. From the other posts I see that this issue was resolved in earlier versions but wondering if this issue was introduced again in 6.5. I tried this solution with no success - https://issues.jboss.org/browse/DROOLS-436. > Could someone help resolving the issue please? > > #NOTE: This is an Aether internal implementation file, its format can be changed without prior notice. > #Mon Nov 21 19:20:51 EST 2016 > maven-metadata-central.xml.error=Could not transfer metadata com.xxx.xxx.ruleengine\:fraudrules\:1.1-SNAPSHOT/maven-metadata.xml from/to central (http\://repo1.maven.org/maven2/)\: Connect to repo1.maven.org\:80 timed out > maven-metadata-guvnor-m2-repo.xml.error=Could not transfer metadata com.xxx.xxx.ruleengine\:rules\:1.1-SNAPSHOT/maven-metadata.xml from/to guvnor-m2-repo (http\://10.xxx.77.xxx\:8080/kie-drools-wb/maven2/)\: Unauthorized (401) > maven-metadata-workbench.xml.lastUpdated=1479774051131 > maven-metadata-guvnor-m2-repo.xml/@default-guvnor-m2-repo-http\://10.xxx.77.xxx\:8080/kie-drools-wb/maven2/.lastUpdated=1479774051096 > maven-metadata-central.xml/@default-central-http\://repo1.maven.org/maven2/.lastUpdated=1479774050359 -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 5 months

1
0
0 / 0

[JBoss JIRA] (WFLY-7665) Write attribute operation for Elytron ldap-key-store throws NPE

by Ondrej Lukas (JIRA)

Ondrej Lukas created WFLY-7665: ---------------------------------- Summary: Write attribute operation for Elytron ldap-key-store throws NPE Key: WFLY-7665 URL: https://issues.jboss.org/browse/WFLY-7665 Project: WildFly Issue Type: Bug Components: Security Reporter: Ondrej Lukas Assignee: Darran Lofthouse In case when CLI write-attribute operation is called for {{ldap-key-store}} then it results to NullPointerException. Exception occurs in server log: {code} ERROR [org.jboss.as.controller.management-operation] (management-handler-thread - 7) WFLYCTL0013: Operation ("write-attribute") failed - address: ([ ("subsystem" => "elytron"), ("ldap-key-store" => "ldapKeyStore") ]): java.lang.NullPointerException at org.wildfly.extension.elytron.LdapKeyStoreDefinition$WriteAttributeHandler.getParentServiceName(LdapKeyStoreDefinition.java:359) at org.jboss.as.controller.RestartParentWriteAttributeHandler.applyUpdateToRuntime(RestartParentWriteAttributeHandler.java:57) at org.jboss.as.controller.AbstractWriteAttributeHandler$1.execute(AbstractWriteAttributeHandler.java:104) at org.jboss.as.controller.AbstractOperationContext.executeStep(AbstractOperationContext.java:921) at org.jboss.as.controller.AbstractOperationContext.processStages(AbstractOperationContext.java:664) at org.jboss.as.controller.AbstractOperationContext.executeOperation(AbstractOperationContext.java:383) at org.jboss.as.controller.OperationContextImpl.executeOperation(OperationContextImpl.java:1364) at org.jboss.as.controller.ModelControllerImpl.internalExecute(ModelControllerImpl.java:416) at org.jboss.as.controller.ModelControllerImpl.lambda$execute$1(ModelControllerImpl.java:237) at org.wildfly.security.auth.client.PeerIdentity.runAsAll(PeerIdentity.java:431) at org.wildfly.security.auth.server.SecurityIdentity.runAs(SecurityIdentity.java:206) at org.jboss.as.controller.ModelControllerImpl.execute(ModelControllerImpl.java:237) at org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler.doExecute(ModelControllerClientOperationHandler.java:217) at org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler.access$400(ModelControllerClientOperationHandler.java:137) at org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler$1$1.run(ModelControllerClientOperationHandler.java:161) at org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler$1$1.run(ModelControllerClientOperationHandler.java:157) at org.wildfly.security.auth.client.PeerIdentity.runAsAll(PeerIdentity.java:464) at org.wildfly.security.auth.server.SecurityIdentity.runAs(SecurityIdentity.java:225) at org.jboss.as.controller.AccessAuditContext.doAs(AccessAuditContext.java:185) at org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler$1.execute(ModelControllerClientOperationHandler.java:157) at org.jboss.as.protocol.mgmt.ManagementRequestContextImpl$1.doExecute(ManagementRequestContextImpl.java:70) at org.jboss.as.protocol.mgmt.ManagementRequestContextImpl$AsyncTaskRunner.run(ManagementRequestContextImpl.java:160) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at java.lang.Thread.run(Thread.java:745) at org.jboss.threads.JBossThread.run(JBossThread.java:320) {code} -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 5 months

1
0
0 / 0

[JBoss JIRA] (WFLY-7664) Missing default values in ldap-key-store description in CLI

by Ondrej Lukas (JIRA)

[ https://issues.jboss.org/browse/WFLY-7664?page=com.atlassian.jira.plugin.... ] Ondrej Lukas updated WFLY-7664: ------------------------------- Affects Version/s: 11.0.0.Alpha1 > Missing default values in ldap-key-store description in CLI > ----------------------------------------------------------- > > Key: WFLY-7664 > URL: https://issues.jboss.org/browse/WFLY-7664 > Project: WildFly > Issue Type: Bug > Components: Security > Affects Versions: 11.0.0.Alpha1 > Reporter: Ondrej Lukas > Assignee: Darran Lofthouse > Labels: user_experience > > Some attributes of Elytron {{ldap-key-store}} resource have defined some default value, but description of these attributes in CLI is missing default values. According to XSD following attributes of {{ldap-key-store}} have assigned some default value: > * {{search-recursive}} has default value {{true}} > * {{search-time-limit}} has default value {{10000}} > * {{filter-alias}} has default value {{(alias-attribute=\{0\})}} > * {{filter-certificate}} has default value {{(certificate-attribute=\{0\})}} > * {{filter-iterate}} has default value {{(alias-attribute=*)}} > * {{alias-attribute}} has default value {{cn}} > * {{certificate-attribute}} has default value {{usercertificate}} > * {{certificate-type}} has default value {{X.509}} > * {{certificate-chain-attribute}} has default value {{userSMIMECertificate}} > * {{certificate-chain-encoding}} has default value {{PKCS7}} > * {{key-attribute}} has default value {{userPKCS12}} > * {{key-type}} has default value {{PKCS12}} -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 5 months

1
0
0 / 0

[JBoss JIRA] (WFLY-7664) Missing default values in ldap-key-store description in CLI

by Ondrej Lukas (JIRA)

[ https://issues.jboss.org/browse/WFLY-7664?page=com.atlassian.jira.plugin.... ] Ondrej Lukas updated WFLY-7664: ------------------------------- Labels: user_experience (was: ) > Missing default values in ldap-key-store description in CLI > ----------------------------------------------------------- > > Key: WFLY-7664 > URL: https://issues.jboss.org/browse/WFLY-7664 > Project: WildFly > Issue Type: Bug > Components: Security > Affects Versions: 11.0.0.Alpha1 > Reporter: Ondrej Lukas > Assignee: Darran Lofthouse > Labels: user_experience > > Some attributes of Elytron {{ldap-key-store}} resource have defined some default value, but description of these attributes in CLI is missing default values. According to XSD following attributes of {{ldap-key-store}} have assigned some default value: > * {{search-recursive}} has default value {{true}} > * {{search-time-limit}} has default value {{10000}} > * {{filter-alias}} has default value {{(alias-attribute=\{0\})}} > * {{filter-certificate}} has default value {{(certificate-attribute=\{0\})}} > * {{filter-iterate}} has default value {{(alias-attribute=*)}} > * {{alias-attribute}} has default value {{cn}} > * {{certificate-attribute}} has default value {{usercertificate}} > * {{certificate-type}} has default value {{X.509}} > * {{certificate-chain-attribute}} has default value {{userSMIMECertificate}} > * {{certificate-chain-encoding}} has default value {{PKCS7}} > * {{key-attribute}} has default value {{userPKCS12}} > * {{key-type}} has default value {{PKCS12}} -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 5 months

1
0
0 / 0

[JBoss JIRA] (WFLY-7664) Missing default values in ldap-key-store description in CLI

by Ondrej Lukas (JIRA)

Ondrej Lukas created WFLY-7664: ---------------------------------- Summary: Missing default values in ldap-key-store description in CLI Key: WFLY-7664 URL: https://issues.jboss.org/browse/WFLY-7664 Project: WildFly Issue Type: Bug Components: Security Reporter: Ondrej Lukas Assignee: Darran Lofthouse Some attributes of Elytron {{ldap-key-store}} resource have defined some default value, but description of these attributes in CLI is missing default values. According to XSD following attributes of {{ldap-key-store}} have assigned some default value: * {{search-recursive}} has default value {{true}} * {{search-time-limit}} has default value {{10000}} * {{filter-alias}} has default value {{(alias-attribute=\{0\})}} * {{filter-certificate}} has default value {{(certificate-attribute=\{0\})}} * {{filter-iterate}} has default value {{(alias-attribute=*)}} * {{alias-attribute}} has default value {{cn}} * {{certificate-attribute}} has default value {{usercertificate}} * {{certificate-type}} has default value {{X.509}} * {{certificate-chain-attribute}} has default value {{userSMIMECertificate}} * {{certificate-chain-encoding}} has default value {{PKCS7}} * {{key-attribute}} has default value {{userPKCS12}} * {{key-type}} has default value {{PKCS12}} -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 5 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-2042) Improve query operation for nested child resources

by Lin Gao (JIRA)

[ https://issues.jboss.org/browse/WFCORE-2042?page=com.atlassian.jira.plugi... ] Lin Gao updated WFCORE-2042: ---------------------------- Summary: Improve query operation for nested child resources (was: Improve query operation for nested resources) > Improve query operation for nested child resources > -------------------------------------------------- > > Key: WFCORE-2042 > URL: https://issues.jboss.org/browse/WFCORE-2042 > Project: WildFly Core > Issue Type: Feature Request > Components: Domain Management > Reporter: Lin Gao > Assignee: Brian Stansberry > > This is another similar RFE as WFCORE-2041. > It would be good if the 'query()' operation can filter the resources by specifying value of attributes which are +inside of nested child resources(not only by the first level of child resource)+, so that, for example, the following command can work well as expected: > {code:} > [standalone@localhost:9990 /] /subsystem=security:query(select=[security-domain], where={security-domain.authentication.login-modules.code=RealmDirect}) > { > "outcome" => "success", > "result" => undefined > } > // here the expected output are the security-domain resources which have the loging-module RealmDirect defined. > {code} > The {{security-domain.authentication.login-modules.code}} in 'where' parameter is proposed attribute name in enhanced syntax, other options maybe possible. > The different requirements between this WFCORE-2042 and WFCORE-2041 are: > * WFCORE-2041 focus on complex attributes in one management resource > * WFCORE-2042 focus on nested management resources with or without complex attributes -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 5 months

1
0
0 / 0

[JBoss JIRA] (WFLY-3987) Regression regarding WS Client when using header authentication

by Pushpak Sathyanarayan (JIRA)

[ https://issues.jboss.org/browse/WFLY-3987?page=com.atlassian.jira.plugin.... ] Pushpak Sathyanarayan commented on WFLY-3987: --------------------------------------------- [^Jboss Soap.txt] [^Tomcat.txt] > Regression regarding WS Client when using header authentication > --------------------------------------------------------------- > > Key: WFLY-3987 > URL: https://issues.jboss.org/browse/WFLY-3987 > Project: WildFly > Issue Type: Bug > Components: Web Services > Affects Versions: 8.1.0.Final, 9.0.0.Alpha1 > Environment: Linux (Ubuntu 14.04), OpenJDK 1.7.0_65, Wildfly 8.0/8.1/9.0A > Reporter: Marcus Carlson > Assignee: Alessio Soldano > Attachments: HPD_IncidentInterface_Create_WS.wsdl, Jboss Soap.txt, Tomcat.txt > > > I'm trying to integrate a Web Service client based on BMC Remedy product where Web service authentication is handled in Soap Header and not basic authentication. See AuthenticationInfo element on https://github.com/macmorning/itsm_mobileview/blob/master/SoapUI%20Projec... for an example of how the WSDL file looks like. > I've enabled Xadditionalheaders so I get the AuthenticationInfo as the last argument, like this: > {noformat} > port.helpDeskQueryListService(qualification, startRecord, maxLimit, authInfo); > {noformat} > Problem is that this was working fine in WildFly 8.0 generating the following SOAP Request: > {noformat} > ID: 1 > Address: https://SERVER/arsys/services/ARService?server=SERVER&webService=HPD_Inci... > Encoding: UTF-8 > Http-Method: POST > Content-Type: text/xml > Headers: {Accept=[*/*], SOAPAction=["urn:HPD_IncidentInterface_WS/HelpDesk_QueryList_Service"]} > Payload: <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Header><AuthenticationInfo xmlns="urn:HPD_IncidentInterface_WS"><userName>SECRETUSER</userName><password>SECRETPASSWORD</password></AuthenticationInfo></soap:Header><soap:Body><HelpDesk_QueryList_Service xmlns="urn:HPD_IncidentInterface_WS"><Qualification>'Status' = "Closed"</Qualification><startRecord>0</startRecord><maxLimit>1000</maxLimit></HelpDesk_QueryList_Service></soap:Body></soap:Envelope> > {noformat} > With 8.1 it's generating a completly different payload with the Header element in Body and body completly missing (!): > {noformat} > ID: 2 > Address: https://SERVER/arsys/services/ARService?server=SERVER&webService=HPD_Inci... > Encoding: UTF-8 > Http-Method: POST > Content-Type: text/xml > Headers: {Accept=[*/*], SOAPAction=["urn:HPD_IncidentInterface_WS/HelpDesk_QueryList_Service"]} > Payload: <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Body><HelpDesk_QueryList_Service xmlns="urn:HPD_IncidentInterface_WS" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="AuthenticationInfo"><userName>SECRETUSER</userName><password>SECRETPASSWORD</password></HelpDesk_QueryList_Service></soap:Body></soap:Envelope> > {noformat} > I've also tried 9.0.0.Alpha1 with same result. What could be wrong? -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 5 months

1
0
0 / 0

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira November 2016