[JBoss JIRA] (ELY-718) Problems with creating CredentialStore from scratch when directory path doesn't exist.
by David Lloyd (JIRA)
[ https://issues.jboss.org/browse/ELY-718?page=com.atlassian.jira.plugin.sy... ]
David Lloyd commented on ELY-718:
---------------------------------
This should be fixed by https://github.com/wildfly-security/wildfly-elytron/pull/594
> Problems with creating CredentialStore from scratch when directory path doesn't exist.
> --------------------------------------------------------------------------------------
>
> Key: ELY-718
> URL: https://issues.jboss.org/browse/ELY-718
> Project: WildFly Elytron
> Issue Type: Bug
> Reporter: Hynek Švábek
> Assignee: Peter Skopek
> Priority: Critical
>
> There are problems with creating CredentialStore from scratch when directory path doesn't exist.
> *How to reproduce*
> * /subsystem=elytron/credential-store=cs007:add(uri="cr-store://test/folderNotExist/keystorecs007.jceks?store.password=pass123;create.storage=true")
> * /subsystem=elytron/credential-store=cs007/alias=newCs007:add(secret-value=Elytron)
> *You can see this error message*
> {code}
> {
> "outcome" => "failed",
> "failure-description" => "WFLYELY00009: Unable to complete operation. 'ELY09504: Cannot write storage file '/home/hsvabek/securityworkspace/AAA_prezentace/jboss-eap-7.1.0.DR7/standalone/data/folderNotExist/keystorecs007.jceks' for the store 'cs007''",
> "rolled-back" => true
> }
> {code}
> When you execute repeatedly last command /subsystem=elytron/credential-store=cs007/alias=newCs007:add(secret-value=Elytron)
> you get information about duplicate resource. It's mean the entry is in Credential Store (in memory) but not in file...
> {code}
> {
> "outcome" => "failed",
> "failure-description" => "WFLYCTL0212: Duplicate resource [
> (\"subsystem\" => \"elytron\"),
> (\"credential-store\" => \"cs123\"),
> (\"alias\" => \"newCs007\")
> ]",
> "rolled-back" => true
> }
> {code}
> *My suggestion solutions of this two problems:*
> * try to create directory path
> * when fails creating of CredentialStore file then we remove entry from memory too. It can be confusing have entry only in memory.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
7 years, 6 months
[JBoss JIRA] (WFCORE-1921) Problem with capability-reference to resource whose name is number with ZERO(s) prefix.
by Tomaz Cerar (JIRA)
[ https://issues.jboss.org/browse/WFCORE-1921?page=com.atlassian.jira.plugi... ]
Tomaz Cerar commented on WFCORE-1921:
-------------------------------------
cause DMR-29
> Problem with capability-reference to resource whose name is number with ZERO(s) prefix.
> ---------------------------------------------------------------------------------------
>
> Key: WFCORE-1921
> URL: https://issues.jboss.org/browse/WFCORE-1921
> Project: WildFly Core
> Issue Type: Bug
> Components: CLI, Domain Management
> Reporter: Hynek Švábek
> Assignee: Tomaz Cerar
>
> Problem with resources which name contains only NUMBERS.
> Particularly the number which beginning with ZERO(s).
> *Scenario*
> * I have resources which name contains only numbers with ZERO(s) prefix
> * I want set capability-reference to it
> * e.g. /subsystem=elytron/aggregate-role-mapper001=aggregateRoleMapper:add(role-mappers=[001,111])
> *Actual result*
> {code}
> {
> "outcome" => "failed",
> "failure-description" => "WFLYCTL0369: Required capabilities are not available:
> org.wildfly.security.role-mapper.1; There are no known registration points which can provide this capability.",
> "rolled-back" => true
> }
> {code}
> *Expected result*
> {code}
> Success
> {code}
> *NOTE*
> In my opinion is this global problem.
> I tried it with another subsystem and problem is there too.
> {code}
> /subsystem=datasources/data-source=001:add(connection-url="url", jndi-name="java:jboss/datasources/001", driver-name=h2)
> /subsystem=infinispan/cache-container=server/local-cache=default/store=string-jdbc:add(data-source=001)
> {code}
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
7 years, 6 months
[JBoss JIRA] (WFCORE-1921) Problem with capability-reference to resource whose name is number with ZERO(s) prefix.
by Tomaz Cerar (JIRA)
[ https://issues.jboss.org/browse/WFCORE-1921?page=com.atlassian.jira.plugi... ]
Tomaz Cerar commented on WFCORE-1921:
-------------------------------------
Problem is on client already as CLI sends operation to server without leading zeros.
I've managed to boil down problem to ModelNode.fromString(value)
which in case you pass "[001,111]" which is a list returns back
ModelNode with contents:
[
1,
111
]
> Problem with capability-reference to resource whose name is number with ZERO(s) prefix.
> ---------------------------------------------------------------------------------------
>
> Key: WFCORE-1921
> URL: https://issues.jboss.org/browse/WFCORE-1921
> Project: WildFly Core
> Issue Type: Bug
> Components: CLI, Domain Management
> Reporter: Hynek Švábek
> Assignee: Tomaz Cerar
>
> Problem with resources which name contains only NUMBERS.
> Particularly the number which beginning with ZERO(s).
> *Scenario*
> * I have resources which name contains only numbers with ZERO(s) prefix
> * I want set capability-reference to it
> * e.g. /subsystem=elytron/aggregate-role-mapper001=aggregateRoleMapper:add(role-mappers=[001,111])
> *Actual result*
> {code}
> {
> "outcome" => "failed",
> "failure-description" => "WFLYCTL0369: Required capabilities are not available:
> org.wildfly.security.role-mapper.1; There are no known registration points which can provide this capability.",
> "rolled-back" => true
> }
> {code}
> *Expected result*
> {code}
> Success
> {code}
> *NOTE*
> In my opinion is this global problem.
> I tried it with another subsystem and problem is there too.
> {code}
> /subsystem=datasources/data-source=001:add(connection-url="url", jndi-name="java:jboss/datasources/001", driver-name=h2)
> /subsystem=infinispan/cache-container=server/local-cache=default/store=string-jdbc:add(data-source=001)
> {code}
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
7 years, 6 months
[JBoss JIRA] (WFCORE-1921) Problem with capability-reference to resource whose name is number with ZERO(s) prefix.
by Tomaz Cerar (JIRA)
[ https://issues.jboss.org/browse/WFCORE-1921?page=com.atlassian.jira.plugi... ]
Tomaz Cerar updated WFCORE-1921:
--------------------------------
Component/s: Domain Management
> Problem with capability-reference to resource whose name is number with ZERO(s) prefix.
> ---------------------------------------------------------------------------------------
>
> Key: WFCORE-1921
> URL: https://issues.jboss.org/browse/WFCORE-1921
> Project: WildFly Core
> Issue Type: Bug
> Components: CLI, Domain Management
> Reporter: Hynek Švábek
> Assignee: Tomaz Cerar
>
> Problem with resources which name contains only NUMBERS.
> Particularly the number which beginning with ZERO(s).
> *Scenario*
> * I have resources which name contains only numbers with ZERO(s) prefix
> * I want set capability-reference to it
> * e.g. /subsystem=elytron/aggregate-role-mapper001=aggregateRoleMapper:add(role-mappers=[001,111])
> *Actual result*
> {code}
> {
> "outcome" => "failed",
> "failure-description" => "WFLYCTL0369: Required capabilities are not available:
> org.wildfly.security.role-mapper.1; There are no known registration points which can provide this capability.",
> "rolled-back" => true
> }
> {code}
> *Expected result*
> {code}
> Success
> {code}
> *NOTE*
> In my opinion is this global problem.
> I tried it with another subsystem and problem is there too.
> {code}
> /subsystem=datasources/data-source=001:add(connection-url="url", jndi-name="java:jboss/datasources/001", driver-name=h2)
> /subsystem=infinispan/cache-container=server/local-cache=default/store=string-jdbc:add(data-source=001)
> {code}
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
7 years, 6 months
[JBoss JIRA] (WFCORE-1921) Problem with capability-reference to resource whose name is number with ZERO(s) prefix.
by Tomaz Cerar (JIRA)
[ https://issues.jboss.org/browse/WFCORE-1921?page=com.atlassian.jira.plugi... ]
Tomaz Cerar updated WFCORE-1921:
--------------------------------
Component/s: CLI
(was: Domain Management)
> Problem with capability-reference to resource whose name is number with ZERO(s) prefix.
> ---------------------------------------------------------------------------------------
>
> Key: WFCORE-1921
> URL: https://issues.jboss.org/browse/WFCORE-1921
> Project: WildFly Core
> Issue Type: Bug
> Components: CLI
> Reporter: Hynek Švábek
> Assignee: Tomaz Cerar
>
> Problem with resources which name contains only NUMBERS.
> Particularly the number which beginning with ZERO(s).
> *Scenario*
> * I have resources which name contains only numbers with ZERO(s) prefix
> * I want set capability-reference to it
> * e.g. /subsystem=elytron/aggregate-role-mapper001=aggregateRoleMapper:add(role-mappers=[001,111])
> *Actual result*
> {code}
> {
> "outcome" => "failed",
> "failure-description" => "WFLYCTL0369: Required capabilities are not available:
> org.wildfly.security.role-mapper.1; There are no known registration points which can provide this capability.",
> "rolled-back" => true
> }
> {code}
> *Expected result*
> {code}
> Success
> {code}
> *NOTE*
> In my opinion is this global problem.
> I tried it with another subsystem and problem is there too.
> {code}
> /subsystem=datasources/data-source=001:add(connection-url="url", jndi-name="java:jboss/datasources/001", driver-name=h2)
> /subsystem=infinispan/cache-container=server/local-cache=default/store=string-jdbc:add(data-source=001)
> {code}
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
7 years, 6 months
[JBoss JIRA] (ELY-813) CredentialStore operations can be slow
by David Lloyd (JIRA)
David Lloyd created ELY-813:
-------------------------------
Summary: CredentialStore operations can be slow
Key: ELY-813
URL: https://issues.jboss.org/browse/ELY-813
Project: WildFly Elytron
Issue Type: Bug
Components: Credential Store
Reporter: David Lloyd
Credential store operations can be slow, as they generally flush the updated store to disk after every operation making multiple changes undergo many pointless flushes. We can solve this a number of different possible ways:
* Make CredentialStore use the same access pattern as KeyStore, where the user is responsible for flushing changes when they are complete, putting the user in charge of storage details (user is responsible for concurrency control)
* Make CredentialStore implement a {{flush()}} method (and {{hasUnflushedChanges()}} method) which performs the persistence step separately at a time of the user's choosing (user is responsible for concurrency control) (memory-backed stores always return {{false}} for {{hasUnflushedChanges()}}) (this is my preferred approach)
* Implement a transaction API in CredentialStore to allow concurrent non-conflicting updates with lock protection, isolation, atomicity, and consistency properties (credential store manages concurrency control via lock/transaction objects)
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
7 years, 6 months
[JBoss JIRA] (JGRP-2140) Replace Table with RingBuffer in UNICAST3 and NAKACK2
by Bela Ban (JIRA)
Bela Ban created JGRP-2140:
------------------------------
Summary: Replace Table with RingBuffer in UNICAST3 and NAKACK2
Key: JGRP-2140
URL: https://issues.jboss.org/browse/JGRP-2140
Project: JGroups
Issue Type: Enhancement
Reporter: Bela Ban
Assignee: Bela Ban
Fix For: 4.1
Table does allocate memory on resizing or compaction; whereas RingBuffer doesn't. Replacing Table with RingBuffer might bring memory allocation rates even further down.
However, using RingBuffer as message store means that the capacity is fixed; when the RingBuffer is full, messages would get dropped. This should not be a big issue as they will get retransmitted anyway, and flow control should actually kick in to throttle senders (this is done now, to prevent Table from growing out of bounds).
Measure the impact on performance. Table is a critical class used by NAKACK2 and UNICAST3, and is battle tested. Do this only if the benefits trump the risk.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
7 years, 6 months
[JBoss JIRA] (WFLY-7730) Problem in undertow application-security-domain removing
by Jan Kalina (JIRA)
[ https://issues.jboss.org/browse/WFLY-7730?page=com.atlassian.jira.plugin.... ]
Jan Kalina updated WFLY-7730:
-----------------------------
Affects Version/s: 11.0.0.Alpha1
> Problem in undertow application-security-domain removing
> --------------------------------------------------------
>
> Key: WFLY-7730
> URL: https://issues.jboss.org/browse/WFLY-7730
> Project: WildFly
> Issue Type: Bug
> Affects Versions: 11.0.0.Alpha1
> Reporter: Jan Kalina
> Assignee: Jan Kalina
>
> Following error when try to remove *undertow.application-security-domain*:
> java.lang.IllegalArgumentException: WFLYCTL0394: Capability 'org.wildfly.extension.undertow.application-security-domain.ejb3-tests' does not provide services of type 'class org.wildfly.security.auth.server.HttpAuthenticationFactory'
> Problem is wrong type in obtaining service in RemoveHandler.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
7 years, 6 months