[JBoss JIRA] (ELY-446) Additional fields on SecurityIdentity
by David Lloyd (JIRA)
David Lloyd created ELY-446:
-------------------------------
Summary: Additional fields on SecurityIdentity
Key: ELY-446
URL: https://issues.jboss.org/browse/ELY-446
Project: WildFly Elytron
Issue Type: Enhancement
Components: API / SPI
Reporter: David Lloyd
Assignee: David Lloyd
The following useful properties could be added to SecurityIdentity:
* Identity creation time (the time when the identity itself is created, whether by login or by run-as)
* Authentication information, including:
** Login timestamp (the time of the original authentication)
** Login mechanism & kind (SASL/HTTP/TLS etc.)
** Login protocol (HTTP/Remoting/etc.) incl. enclosing TLS information if any
* Authentication identity information, including:
** Original authentication name
** Authentication forwarding credential(s)
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
10 years, 1 month
[JBoss JIRA] (ELY-444) AuthorizationIdentity and PermissionMapper
by David Lloyd (JIRA)
[ https://issues.jboss.org/browse/ELY-444?page=com.atlassian.jira.plugin.sy... ]
David Lloyd commented on ELY-444:
---------------------------------
This is almost an internal view to a SecurityIdentity, since some of this information already exists there. We shouldn't duplicate it, but maybe we can introduce an internal view class for each identity, or maybe we can introduce an accessor class like we have for authentication clients.
> AuthorizationIdentity and PermissionMapper
> ------------------------------------------
>
> Key: ELY-444
> URL: https://issues.jboss.org/browse/ELY-444
> Project: WildFly Elytron
> Issue Type: Enhancement
> Components: API / SPI, Realms
> Reporter: David Lloyd
> Fix For: 1.1.0.Beta5
>
>
> When we initially designed the PermissionMapper we went to certain lengths to avoid exposing details of the realm. But now as the API has evolved it is clear that the permission mapper will need access to more information. The AuthorizationIdentity (or perhaps another object which includes the AuthorizationIdentity) should be made available to the permission mapper.
> In addition, this object could be expanded to include more information about the authentication, for example mechanism-specific information, which can feed into the authorization decision and could be useful for other things. Examples include: authentication timestamp, mechanism name/kind, forwarding credentials, and other attributes which derive from the mechanism as opposed to the identity.
10 years, 1 month
[JBoss JIRA] (WFLY-6359) Investigate consequences of changes in JDK9 on JBoss Logging
by James Perkins (JIRA)
[ https://issues.jboss.org/browse/WFLY-6359?page=com.atlassian.jira.plugin.... ]
James Perkins commented on WFLY-6359:
-------------------------------------
The logmanager needs to be analyzed due to changes in [JEP 264|http://openjdk.java.net/jeps/264]. A while ago I started a PoC implementation to interact with JBoss Log Manager, but I haven't looked at it in a while. If this is urgent I could look at what might need to change.
You can work around the error by setting the system property {{sun.util.logging.disableCallerCheck}} to {{true}}.
> Investigate consequences of changes in JDK9 on JBoss Logging
> ------------------------------------------------------------
>
> Key: WFLY-6359
> URL: https://issues.jboss.org/browse/WFLY-6359
> Project: WildFly
> Issue Type: Task
> Components: Logging
> Affects Versions: 10.0.0.Final
> Reporter: Richard Opalka
> Assignee: James Perkins
> Fix For: 10.1.0.Final
>
>
> When running:
> $[wildfly-core/logging]>mvn test -Dtest=**/Log4jAppenderTestCase
> on JDK9 the test is failing. After short debugging I identified the difference between JDK8 and JDK9 that is causing the test to fail. In JDK8 the relevant piece of code was:
> {code}
> // java.util.logging.Logger
> private static Logger demandLogger(String name, String resourceBundleName, Class<?> caller) {
>     LogManager manager = LogManager.getLogManager();
>     SecurityManager sm = System.getSecurityManager();
>     if (sm != null && !SystemLoggerHelper.disableCallerCheck) {
>         if (caller.getClassLoader() == null) {
>             return manager.demandSystemLogger(name, resourceBundleName);
>         }
>     }
>     return manager.demandLogger(name, resourceBundleName, caller);
>     // ends up calling new Logger(name, resourceBundleName, caller)
>     // iff the logger doesn't exist already
> }
> {code}
> in JDK9 the Security Manager check part disappeared:
> {code}
> // java.util.logging.Logger
> private static Logger demandLogger(String name, String resourceBundleName, Class<?> caller) {
>     LogManager manager = LogManager.getLogManager();
>     if (!SystemLoggerHelper.disableCallerCheck) {
>         if (caller.getClassLoader() == null) {
>             return manager.demandSystemLogger(name, resourceBundleName, caller);
>         }
>     }
>     return manager.demandLogger(name, resourceBundleName, caller);
>     // ends up calling new Logger(name, resourceBundleName, caller)
>     // iff the logger doesn't exist already
> }
> {code}
> This change causes the platform java.util.logging.Logger to be returned instead of the expected org.jboss.logmanager.Logger.
> It is possible to work around this problem by setting the sun.util.logging.disableCallerCheck JVM property, like:
> $[wildfly-core/logging]>mvn test -Dtest=**/Log4jAppenderTestCase -Dsun.util.logging.disableCallerCheck=true
> Please investigate whether this is a regression that should be addressed by Oracle and whether there are other potential problems affecting proper logging functionality on JDK9.
10 years, 1 month
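Added example (not code from the JDK, JBoss Log Manager, or the issue reporter): the two `demandLogger` conditions quoted in WFLY-6359, evaluated side by side for a boot-loaded and an application-loaded caller, followed by a printout of the LogManager and Logger classes the running JVM actually hands out. The class name `CallerCheckProbe`, its helper methods and the logger name are hypothetical; reading the property with `Boolean.getBoolean` is an assumption about how the JDK parses it.

```java
import java.util.logging.LogManager;
import java.util.logging.Logger;

// Added diagnostic; not JDK, JBoss Log Manager or WildFly code.
public final class CallerCheckProbe {

    // JDK8 branch quoted in the issue: system-logger path only under a SecurityManager.
    static boolean jdk8SystemPath(boolean smInstalled, boolean disableCheck, ClassLoader callerLoader) {
        return smInstalled && !disableCheck && callerLoader == null;
    }

    // JDK9 branch quoted in the issue: the SecurityManager test is gone.
    static boolean jdk9SystemPath(boolean disableCheck, ClassLoader callerLoader) {
        return !disableCheck && callerLoader == null;
    }

    public static void main(String[] args) {
        // Assumption: the JDK reads the property as a plain boolean system property.
        boolean disableCheck = Boolean.getBoolean("sun.util.logging.disableCallerCheck");
        // Sample callers: String is boot-loaded (null loader), this class is not.
        Class<?>[] callers = { String.class, CallerCheckProbe.class };
        for (Class<?> caller : callers) {
            ClassLoader loader = caller.getClassLoader();
            for (boolean sm : new boolean[] { false, true }) {
                boolean before = jdk8SystemPath(sm, disableCheck, loader);
                boolean after = jdk9SystemPath(disableCheck, loader);
                System.out.printf("%-18s bootLoaded=%-5b securityManager=%-5b jdk8=%-5b jdk9=%-5b%s%n",
                        caller.getSimpleName(), loader == null, sm, before, after,
                        before != after ? "  <-- behaviour differs" : "");
            }
        }
        // What this JVM actually hands out to an application-class caller.
        LogManager manager = LogManager.getLogManager();
        Logger logger = Logger.getLogger("caller.check.probe");
        System.out.println("java.util.logging.manager = " + System.getProperty("java.util.logging.manager"));
        System.out.println("LogManager class          = " + manager.getClass().getName());
        System.out.println("Logger class              = " + logger.getClass().getName());
    }
}
```

Run it once without and once with `-Dsun.util.logging.disableCallerCheck=true`: the only row that differs between the two quoted conditions is the boot-loaded caller with no security manager installed, and the flag removes that difference.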
[JBoss JIRA] (WFLY-6365) Update permissions to use Elytron permission helper API
by David Lloyd (JIRA)
[ https://issues.jboss.org/browse/WFLY-6365?page=com.atlassian.jira.plugin.... ]
David Lloyd updated WFLY-6365:
------------------------------
Parent: WFLY-4588
Issue Type: Sub-task (was: Task)
> Update permissions to use Elytron permission helper API
> -------------------------------------------------------
>
> Key: WFLY-6365
> URL: https://issues.jboss.org/browse/WFLY-6365
> Project: WildFly
> Issue Type: Sub-task
> Reporter: David Lloyd
> Fix For: 11.0.0.Alpha1
>
>
> The Elytron permission base classes ensure spec compliance including serialization guarantees while also drastically reducing the amount of code required to implement permission classes correctly and improving performance and memory overhead, especially when a security manager is engaged. Use these classes as base classes for all WildFly permission classes.
10 years, 1 month
[JBoss JIRA] (WFLY-6365) Update permissions to use Elytron permission helper API
by David Lloyd (JIRA)
David Lloyd created WFLY-6365:
---------------------------------
Summary: Update permissions to use Elytron permission helper API
Key: WFLY-6365
URL: https://issues.jboss.org/browse/WFLY-6365
Project: WildFly
Issue Type: Task
Reporter: David Lloyd
Fix For: 11.0.0.Alpha1
The Elytron permission base classes ensure spec compliance including serialization guarantees while also drastically reducing the amount of code required to implement permission classes correctly and improving performance and memory overhead, especially when a security manager is engaged. Use these classes as base classes for all WildFly permission classes.
10 years, 1 month