November 2016 - jboss-jira - Jboss List Archives

[JBoss JIRA] (WFLY-6854) Upgrade Hibernate ORM to 5.1.3

by Gail Badner (JIRA)

[ https://issues.jboss.org/browse/WFLY-6854?page=com.atlassian.jira.plugin.... ] Gail Badner commented on WFLY-6854: ----------------------------------- I've added a new pulll request that uses Hibernate ORM 5.1.3.Final: https://github.com/wildfly/wildfly/pull/9413. I wasn't sure if I should reject the exiting PR for this issue, so I've left that in place. > Upgrade Hibernate ORM to 5.1.3 > ------------------------------- > > Key: WFLY-6854 > URL: https://issues.jboss.org/browse/WFLY-6854 > Project: WildFly > Issue Type: Feature Request > Components: JPA / Hibernate > Reporter: Emmanuel Bernard > Assignee: Scott Marlow > Fix For: 11.0.0.Alpha1 > > > This is a follow up on WFLY-6682. > After looking at the list of potential incompatibilities, we decided to not upgrade to 5.2 but instead to 5.1 to provide a smoother experience to users. > We can consider adding a 5.2 optional switch via Jipijapa if bandwidth permit but let's treat it as a second issue and have [~smarlow] lead it. > PS: I put v11Alpha1 but feel free to adjust it to any WF 11 version that fits best. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 5 months

1
0
0 / 0

[JBoss JIRA] (WFLY-5227) Move security-manager subsystem from WildFly to WildFly Core

by Ken Wills (JIRA)

[ https://issues.jboss.org/browse/WFLY-5227?page=com.atlassian.jira.plugin.... ] Ken Wills commented on WFLY-5227: --------------------------------- [~okotek] This is in progress, should be completed within the next few days. > Move security-manager subsystem from WildFly to WildFly Core > ------------------------------------------------------------ > > Key: WFLY-5227 > URL: https://issues.jboss.org/browse/WFLY-5227 > Project: WildFly > Issue Type: Bug > Components: Security Manager > Reporter: Josef Cacek > Assignee: Ken Wills > Priority: Critical > > It's not possible to define security permissions in WildFly Core without {{security-manager}} subsystem. Therefore the subsystem should be moved from WildFly to the Core. > More details in the [Permissions in WildFly Core|http://lists.jboss.org/pipermail/wildfly-dev/2015-August/thread.html...] thread on {{wildfly-dev}} mailing list. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 5 months

1
0
0 / 0

[JBoss JIRA] (WFLY-7663) Upgrade JBossWS from 5.1.5.Final to 5.1.6.Final

by Alessio Soldano (JIRA)

Alessio Soldano created WFLY-7663: ------------------------------------- Summary: Upgrade JBossWS from 5.1.5.Final to 5.1.6.Final Key: WFLY-7663 URL: https://issues.jboss.org/browse/WFLY-7663 Project: WildFly Issue Type: Component Upgrade Components: Web Services Reporter: Alessio Soldano Assignee: Alessio Soldano Fix For: 11.0.0.Alpha1 -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 5 months

1
0
0 / 0

[JBoss JIRA] (SECURITY-962) [GSS] (5.2.0 patch) Improve SimpleRoleGroup Scalability to Large Numbers of Roles

by Derek Horton (JIRA)

Derek Horton created SECURITY-962: ------------------------------------- Summary: [GSS] (5.2.0 patch) Improve SimpleRoleGroup Scalability to Large Numbers of Roles Key: SECURITY-962 URL: https://issues.jboss.org/browse/SECURITY-962 Project: PicketBox Issue Type: Patch Components: Identity Reporter: Derek Horton Assignee: Stefan Guilhen Fix For: PicketBox_4_9_3.Final During load testing we found out that SimpleRoleGroup does not scale well to large numbers of roles (200 in our case). The reason for this is that it uses {{ArrayList#contains}} with scales linearly with the size of the collection. Since the method is called in a loop the scalability is actually quadratic. See the following [mailing list discussion|http://lists.jboss.org/pipermail/wildfly-dev/2015-June/004033....] and the attached screenshot. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 5 months

1
0
0 / 0

[JBoss JIRA] (WFLY-7658) Undertow allows invalid URL patterns for Servlets

by Stuart Douglas (JIRA)

[ https://issues.jboss.org/browse/WFLY-7658?page=com.atlassian.jira.plugin.... ] Stuart Douglas resolved WFLY-7658. ---------------------------------- Resolution: Rejected This was a deliberate choice for backwards compatibility reasons. > Undertow allows invalid URL patterns for Servlets > ------------------------------------------------- > > Key: WFLY-7658 > URL: https://issues.jboss.org/browse/WFLY-7658 > Project: WildFly > Issue Type: Bug > Components: Web (Undertow) > Affects Versions: 10.1.0.Final > Reporter: Guillermo González de Agüero > Assignee: Stuart Douglas > > Point 12.1 says: > {quote} > The path used for mapping to a servlet is the request URL from the request object minus the context path and the path parameters. The URL path mapping rules below are used in order. The first successful match is used with no further matches attempted: > {quote} > Given this, the string used to compare match will always start with "/". > Point 12.2 of the Servlet 3.1 spec states the following conditions for the URL patterns of a Servlet: > {quote} > * A string beginning with a ‘/’ character and ending with a ‘/*’ suffix is used for path mapping. > * A string beginning with a ‘*.’ prefix is used as an extension mapping. > * The empty string ("") is a special URL pattern that exactly maps to the application's context root, i.e., requests of the form http://host:port/<context-root>/. In this case the path info is ’/’ and the servlet path and context path is empty string (““). > * A string containing only the ’/’ character indicates the "default" servlet of the application. In this case the servlet path is the request URI minus the context path and the path info is null. > * *All other strings are used for exact matches only.* > {quote} > If only exact matches are allowed, then an url pattern like "users" is unmatchable and thus invalid. > However, Undertow is treating the url the same way as if it was prefixed with "/". While the spec doesn't mandate to cancel deployment in case of invalid url pattern (at least I haven't found it), at least a warning to the user saying the deployment has unmatchable url patterns would be appreciated. > A Servlet with this path fails to deploy on Tomcat and Glassfish/Payara. Curiously, it works on Jetty. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 5 months

1
0
0 / 0

[JBoss JIRA] (WFLY-7662) CLIENT-CERT authentication doesn't work

by Rostyslav Smirnov (JIRA)

Rostyslav Smirnov created WFLY-7662: --------------------------------------- Summary: CLIENT-CERT authentication doesn't work Key: WFLY-7662 URL: https://issues.jboss.org/browse/WFLY-7662 Project: WildFly Issue Type: Bug Components: Web (Undertow) Affects Versions: 10.1.0.Final Environment: Java 1.8.0_112 Reporter: Rostyslav Smirnov Assignee: Stuart Douglas When accessing a web application secured by CLIENT-CERT authentication, a browser no longer presents certificate dialog prompt, always displays response 403 Forbidden instead. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 5 months

1
0
0 / 0

[JBoss JIRA] (WFLY-7661) Mark also ssl-session-cache-size and ssl-session-timeout attributes as deprecated in Undertow's https-listener

by Stuart Douglas (JIRA)

[ https://issues.jboss.org/browse/WFLY-7661?page=com.atlassian.jira.plugin.... ] Stuart Douglas moved JBEAP-7481 to WFLY-7661: --------------------------------------------- Project: WildFly (was: JBoss Enterprise Application Platform) Key: WFLY-7661 (was: JBEAP-7481) Workflow: GIT Pull Request workflow (was: CDW with loose statuses v1) Component/s: Web (Undertow) (was: Web (Undertow)) Affects Version/s: (was: 7.1.0.DR8) > Mark also ssl-session-cache-size and ssl-session-timeout attributes as deprecated in Undertow's https-listener > -------------------------------------------------------------------------------------------------------------- > > Key: WFLY-7661 > URL: https://issues.jboss.org/browse/WFLY-7661 > Project: WildFly > Issue Type: Bug > Components: Web (Undertow) > Reporter: Stuart Douglas > Assignee: Stuart Douglas > > Some of Undertow's https-listener attributes have been marked as deprecated recently due to the Elytron subsystem added into 7.1. Although there are still two attributes, that I think should be marked as deprecated but they have not been marked so yet. These are: > {code} > "ssl-session-cache-size" => { > "type" => INT, > "description" => "The maximum number of active SSL sessions", > "expressions-allowed" => true, > "nillable" => true, > "access-type" => "read-write", > "storage" => "configuration", > "restart-required" => "no-services" > }, > "ssl-session-timeout" => { > "type" => INT, > "description" => "The timeout for SSL sessions, in seconds", > "expressions-allowed" => true, > "nillable" => true, > "unit" => "SECONDS", > "access-type" => "read-write", > "storage" => "configuration", > "restart-required" => "no-services" > }, > {code} > Both can be set via Elytron ssl-context: > {code} > /subsystem=elytron/server-ssl-context=mytest:read-resource-description > ... > "maximum-session-cache-size" => { > "type" => INT, > "description" => "The maximum number of SSL sessions to be cached.", > "expressions-allowed" => true, > "nillable" => true, > "default" => 0, > "access-type" => "read-write", > "storage" => "configuration", > "restart-required" => "resource-services" > }, > ... > "session-timeout" => { > "type" => INT, > "description" => "The timeout for SSL sessions.", > "expressions-allowed" => true, > "nillable" => true, > "default" => 0, > "access-type" => "read-write", > "storage" => "configuration", > "restart-required" => "resource-services" > }, > ... > {code} -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 5 months

1
0
0 / 0

[JBoss JIRA] (ELY-789) The UnaryOperator passed to AuthenticationConfiguration.createSaslClient needs to wrap inner most factory.

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-789?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-789: --------------------------------- Priority: Critical (was: Major) > The UnaryOperator passed to AuthenticationConfiguration.createSaslClient needs to wrap inner most factory. > ---------------------------------------------------------------------------------------------------------- > > Key: ELY-789 > URL: https://issues.jboss.org/browse/ELY-789 > Project: WildFly Elytron > Issue Type: Bug > Components: Authentication Client > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Priority: Critical > Fix For: 1.1.0.Beta16 > > > The UnaryOperator is supposed to offer a final override configuration so needs to wrap the inner factory not the outer one as the outer one already has configuration based modifications applied to it so the effect of the UnaryOperator is ignored. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 5 months

1
0
0 / 0

[JBoss JIRA] (ELY-789) The UnaryOperator passed to AuthenticationConfiguration.createSaslClient needs to wrap inner most factory.

by Darran Lofthouse (JIRA)

Darran Lofthouse created ELY-789: ------------------------------------ Summary: The UnaryOperator passed to AuthenticationConfiguration.createSaslClient needs to wrap inner most factory. Key: ELY-789 URL: https://issues.jboss.org/browse/ELY-789 Project: WildFly Elytron Issue Type: Bug Components: Authentication Client Reporter: Darran Lofthouse Assignee: Darran Lofthouse Fix For: 1.1.0.Beta16 The UnaryOperator is supposed to offer a final override configuration so needs to wrap the inner factory not the outer one as the outer one already has configuration based modifications applied to it so the effect of the UnaryOperator is ignored. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 5 months

1
0
0 / 0

[JBoss JIRA] (WFLY-7660) Upgrade to Elytron Subsystem 1.0.0.Alpha14

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/WFLY-7660?page=com.atlassian.jira.plugin.... ] Darran Lofthouse updated WFLY-7660: ----------------------------------- Priority: Critical (was: Major) > Upgrade to Elytron Subsystem 1.0.0.Alpha14 > ------------------------------------------ > > Key: WFLY-7660 > URL: https://issues.jboss.org/browse/WFLY-7660 > Project: WildFly > Issue Type: Component Upgrade > Components: Security > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Priority: Critical > Fix For: 11.0.0.Alpha1 > > -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 5 months

1
0
0 / 0

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira November 2016