June 2016 - jboss-jira - Jboss List Archives

[JBoss JIRA] (WFCORE-1528) EAP 7 with secured management become unavailable after ~8 days

by Brian Stansberry (JIRA)

[ https://issues.jboss.org/browse/WFCORE-1528?page=com.atlassian.jira.plugi... ] Brian Stansberry updated WFCORE-1528: ------------------------------------- Fix Version/s: 3.0.0.Alpha3 (was: 3.0.0.Alpha2) > EAP 7 with secured management become unavailable after ~8 days > -------------------------------------------------------------- > > Key: WFCORE-1528 > URL: https://issues.jboss.org/browse/WFCORE-1528 > Project: WildFly Core > Issue Type: Bug > Components: Domain Management, Security > Affects Versions: 2.1.0.Final > Environment: EAP 7.0.0.CR01 2-way ssl over remote https communication > Reporter: Simeon Pinder > Assignee: Brian Stansberry > Priority: Critical > Fix For: 2.2.0.CR2, 3.0.0.Alpha3 > > > Appears there may be an EAP 7.0.0.CR01 2-way ssl issue in domain mode. > Issue discovered by JON QE after testing for 8 days with SSL. > JON QE did not see the same issue when running identical test against EAP 6. > Restarting the remote client(JON Agent) did not repair/fix the issue, and only was repaired after EAP instance restarted. > See BZ https://bugzilla.redhat.com/show_bug.cgi?id=1330180#c0 for more details. > JON team would like some evaluation done to determine: > i)if this is EAP 7 issue or > ii)somehow just a JON issue > iii)suggestions on what to do when we try to reproduce properly or ways to shorten reproduce cycle. > This issue could affect GA release schedules. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

10 years

1
0
0 / 0

[JBoss JIRA] (WFCORE-1515) Improve PersistentResourceDefinition to make it easier to register attribute write handlers

by Brian Stansberry (JIRA)

[ https://issues.jboss.org/browse/WFCORE-1515?page=com.atlassian.jira.plugi... ] Brian Stansberry updated WFCORE-1515: ------------------------------------- Fix Version/s: 3.0.0.Alpha3 (was: 3.0.0.Alpha2) > Improve PersistentResourceDefinition to make it easier to register attribute write handlers > ------------------------------------------------------------------------------------------- > > Key: WFCORE-1515 > URL: https://issues.jboss.org/browse/WFCORE-1515 > Project: WildFly Core > Issue Type: Enhancement > Components: Domain Management > Reporter: Tomaz Cerar > Assignee: Tomaz Cerar > Fix For: 3.0.0.Alpha3 > > > Currently if you want to take register custom write handler you need to override whole registerAttributes methods and do it yourself all the way. > We could add PersistentResourceDefinition.getAttributeHandlers() method that returns > a Map<String, OperationStepHandler>. > And then registerAttributes uses the map instead of hardcoding ReloadRequiredWriteAttributeHandler. Default impl just fills the map values with > ReloadRequiredWriteAttributeHandler. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

10 years

1
0
0 / 0

[JBoss JIRA] (WFCORE-1489) Expose (un)registerNotificationHandler() on OperationContext

by Brian Stansberry (JIRA)

[ https://issues.jboss.org/browse/WFCORE-1489?page=com.atlassian.jira.plugi... ] Brian Stansberry updated WFCORE-1489: ------------------------------------- Fix Version/s: 3.0.0.Alpha3 (was: 3.0.0.Alpha2) > Expose (un)registerNotificationHandler() on OperationContext > ------------------------------------------------------------ > > Key: WFCORE-1489 > URL: https://issues.jboss.org/browse/WFCORE-1489 > Project: WildFly Core > Issue Type: Enhancement > Components: Domain Management > Reporter: Kabir Khan > Assignee: Kabir Khan > Fix For: 3.0.0.Alpha3 > > > Currently the only way to (un)register notifications is via the NotificationHandlerRegistration exposed by ModelController.getNotificationRegistry(). It would be nice to not have to install a service whose only purpose is to get hold of the ModelController from OSH's. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

10 years

1
0
0 / 0

[JBoss JIRA] (WFCORE-1438) Elytron integration with logging subsystem

by Brian Stansberry (JIRA)

[ https://issues.jboss.org/browse/WFCORE-1438?page=com.atlassian.jira.plugi... ] Brian Stansberry updated WFCORE-1438: ------------------------------------- Fix Version/s: 3.0.0.Alpha3 (was: 3.0.0.Alpha2) > Elytron integration with logging subsystem > ------------------------------------------ > > Key: WFCORE-1438 > URL: https://issues.jboss.org/browse/WFCORE-1438 > Project: WildFly Core > Issue Type: Feature Request > Components: Logging > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Fix For: 3.0.0.Alpha3 > > > This is primarily an investigation task to start with, Logging can use syslog, Syslog access can be protected with TLS, Elytron is providing unified SSL configuration - do we need to bring these together. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

10 years

1
0
0 / 0

[JBoss JIRA] (WFCORE-1429) Add property to skip LogManager check at startup

by Brian Stansberry (JIRA)

[ https://issues.jboss.org/browse/WFCORE-1429?page=com.atlassian.jira.plugi... ] Brian Stansberry updated WFCORE-1429: ------------------------------------- Fix Version/s: 3.0.0.Alpha3 (was: 3.0.0.Alpha2) > Add property to skip LogManager check at startup > ------------------------------------------------ > > Key: WFCORE-1429 > URL: https://issues.jboss.org/browse/WFCORE-1429 > Project: WildFly Core > Issue Type: Feature Request > Components: Logging > Reporter: Dominique Broeglin > Assignee: James Perkins > Priority: Minor > Fix For: 3.0.0.Alpha3 > > > At startup, Wildfly checks that the default log manager (as returned by {{java.util.logging.LogManager.getLogManager()}} ) is {{org.jboss.logmanager.LogManager}}: > https://github.com/wildfly/wildfly-core/blob/master/logging/src/main/java... > This breaks some cases where the LogManager is wrapped because of the needs of that particular JVM like in OSv ( https://github.com/cloudius-systems/osv/blob/master/java/runjava/src/main... ). > As suggested on the mailing list, I would like to propose adding a property to bypass that check. Something along the lines of "jboss.logging.logManagerCheck = false/true" -- This message was sent by Atlassian JIRA (v6.4.11#64026)

10 years

1
0
0 / 0

[JBoss JIRA] (WFCORE-1598) Conversion of Elytron SecurityIdentity to Subject for communication with older hosts.

by Brian Stansberry (JIRA)

[ https://issues.jboss.org/browse/WFCORE-1598?page=com.atlassian.jira.plugi... ] Brian Stansberry updated WFCORE-1598: ------------------------------------- Fix Version/s: 3.0.0.Alpha3 (was: 3.0.0.Alpha2) > Conversion of Elytron SecurityIdentity to Subject for communication with older hosts. > ------------------------------------------------------------------------------------- > > Key: WFCORE-1598 > URL: https://issues.jboss.org/browse/WFCORE-1598 > Project: WildFly Core > Issue Type: Task > Components: Domain Management, Security > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Fix For: 3.0.0.Alpha3 > > > In the domain hierarchy clients trust the server they communicate with so this server currently sends a serialized representation of the Subject containing information about the user initiating the request. > For Elytron we will use the new identity propagation features however for older slaves we will need to convert to a Subject representation. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

10 years

1
0
0 / 0

[JBoss JIRA] (WFCORE-1590) Default parameter length validating ignores setMinSize(0)

by Brian Stansberry (JIRA)

[ https://issues.jboss.org/browse/WFCORE-1590?page=com.atlassian.jira.plugi... ] Brian Stansberry updated WFCORE-1590: ------------------------------------- Fix Version/s: 3.0.0.Alpha3 (was: 3.0.0.Alpha2) > Default parameter length validating ignores setMinSize(0) > --------------------------------------------------------- > > Key: WFCORE-1590 > URL: https://issues.jboss.org/browse/WFCORE-1590 > Project: WildFly Core > Issue Type: Bug > Components: Domain Management > Affects Versions: 3.0.0.Alpha1 > Reporter: Darran Lofthouse > Assignee: Brian Stansberry > Labels: affects_elytron > Fix For: 3.0.0.Alpha3 > > > With the following attribute definition: - > {code:java} > static final SimpleAttributeDefinition REPLACEMENT = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.REPLACEMENT, ModelType.STRING, false) > .setAllowExpression(true) > .setMinSize(0) > .setFlags(AttributeAccess.Flag.RESTART_RESOURCE_SERVICES) > .build(); > {code} > The following error is reported if an empty string is used as a parameter: - > {noformat} > [standalone@localhost:9990 /] ./subsystem=elytron/regex-name-rewriter=strip-realm:add(pattern="@ELYTRON.ORG", replacement="", replace-all=true) > { > "outcome" => "failed", > "failure-description" => "WFLYCTL0113: '' is an invalid value for parameter replacement. Values must have a minimum length of 1 characters", > "rolled-back" => true > } > {noformat} -- This message was sent by Atlassian JIRA (v6.4.11#64026)

10 years

1
0
0 / 0

[JBoss JIRA] (WFCORE-1547) Integrate CredentialStore into Core

by Brian Stansberry (JIRA)

[ https://issues.jboss.org/browse/WFCORE-1547?page=com.atlassian.jira.plugi... ] Brian Stansberry updated WFCORE-1547: ------------------------------------- Fix Version/s: 3.0.0.Alpha3 (was: 3.0.0.Alpha2) > Integrate CredentialStore into Core > ----------------------------------- > > Key: WFCORE-1547 > URL: https://issues.jboss.org/browse/WFCORE-1547 > Project: WildFly Core > Issue Type: Sub-task > Components: Security > Reporter: Peter Skopek > Assignee: Peter Skopek > Fix For: 3.0.0.Alpha3 > > > Create necessary API for integrating Elytron CredentialStore API into WildFly Core. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

10 years

1
0
0 / 0

[JBoss JIRA] (WFCORE-1533) Integrate Management Access Control permission assignment with Elytron

by Brian Stansberry (JIRA)

[ https://issues.jboss.org/browse/WFCORE-1533?page=com.atlassian.jira.plugi... ] Brian Stansberry updated WFCORE-1533: ------------------------------------- Fix Version/s: 3.0.0.Alpha3 (was: 3.0.0.Alpha2) > Integrate Management Access Control permission assignment with Elytron > ---------------------------------------------------------------------- > > Key: WFCORE-1533 > URL: https://issues.jboss.org/browse/WFCORE-1533 > Project: WildFly Core > Issue Type: Feature Request > Components: Domain Management, Security > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Labels: affects_elytron > Fix For: 3.0.0.Alpha3 > > > A big portion of management role based access control is taking the assigned roles and then mapping these to the permissions for that role. > Elytron provides a new PermissionMapper interface that takes a SecurityIdentity and the roles mapped for that identity and returns a PermissionVerifier which can be as simple as a wrapper around a PermissionCollection. > This will also be a good opportunity to start to move the role mapping out of the core management model to Elytron. > After that Elytron allows for custom PermissionMapper implementations to be provided and associated with the domain using capabilities and requirements so we arrive at a point where provided the permission checks performed by management are generic enough custom PermissionMapper / PermissionVerifier implementations can be added that may or may not be role based. > _Note: As with everything we are doing old and new need to be supported in parallel for a while although this may be achieved by providing default Elytron implementations that are wrappers around the old._ -- This message was sent by Atlassian JIRA (v6.4.11#64026)

10 years

1
0
0 / 0

[JBoss JIRA] (WFCORE-1602) Elytron integration with JMX

by Brian Stansberry (JIRA)

[ https://issues.jboss.org/browse/WFCORE-1602?page=com.atlassian.jira.plugi... ] Brian Stansberry updated WFCORE-1602: ------------------------------------- Fix Version/s: 3.0.0.Alpha3 (was: 3.0.0.Alpha2) > Elytron integration with JMX > ---------------------------- > > Key: WFCORE-1602 > URL: https://issues.jboss.org/browse/WFCORE-1602 > Project: WildFly Core > Issue Type: Feature Request > Components: JMX > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Fix For: 3.0.0.Alpha3 > > -- This message was sent by Atlassian JIRA (v6.4.11#64026)

10 years

1
0
0 / 0

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira June 2016